Firewall Wizards mailing list archives

Re: Lotus Domino as an access control to internal network

From: Rik Farrow <rik () spirit com>
Date: Fri, 6 Mar 1998 10:53:06 -0700 (MST)

Aleph One <aleph1 () dfw net> may have written:

Your statement does not make sense. Who are you planning to guess the
password using a dictionary attack unless you also have the user's USER.ID
files? And if you have the USER.ID file and do guess the password you have
already broken in.


I am talking about using Notes as an agent for guessing a 
users password, and suggesting that this password will also be used
anywhere the user has access within an organization:  terminal
servers, not connected to the Domino server, other servers
such as Netware or NT servers.  Notes makes a dandy and  practically
undetectable mechanism for password guessing, and the password
guessed very likely will be in use elsewhere.

Regards,
Rik

Current thread:

Re: Lotus Domino as an access control to internal network Andreas Siegert (Mar 02)
- <Possible follow-ups>
- Re: Lotus Domino as an access control to internal network Rik Farrow (Mar 06)
  - Re: Lotus Domino as an access control to internal network Aleph One (Mar 06)
- Re: Lotus Domino as an access control to internal network Rik Farrow (Mar 06)
  - Re: Lotus Domino as an access control to internal network Aleph One (Mar 06)