Vulnerability Development mailing list archives
Re: Novell 32bit Client , Passwords
From: reddog_33 () HOTMAIL COM (Reddog Hummer)
Date: Thu, 6 Apr 2000 20:56:54 GMT
the novell pasword isn't saved in *.PWL but some stupid users log on to an offline system and that pasword will save in a *.pwl red
From: Seth R Arnold <sarnold () WILLAMETTE EDU> Reply-To: Seth R Arnold <sarnold () WILLAMETTE EDU> To: VULN-DEV () SECURITYFOCUS COM Subject: Re: Novell 32bit Client , Passwords Date: Thu, 6 Apr 2000 10:18:32 -0700 * Michael Sanders <michaels () ebusolutions co za> [000406 08:42]:Sorry if this has been covered already, does anyone know were thepasswordsare cached in the novell client? Ive noticed that when a Novell 4.11servergoes down and brought back up again the client authenticates with the correct logon details to the NDS. Is they cached , are the encrypted adndothey get cleared ?Michael, it might vary between the microsoft novell client and the novell novell client (aka intranetware, aka client32) -- but I believe both of them store the passwords in windows' .pwd files (under 9x) and in user.dat in the user's profile directory under NT. As for being encrypted, they are at least obfuscated. They might be stored encrypted with the user's single-signon password, or they might be stored in a plain-text equivalence. I honestly don't know, but a search at MS's KB for "password cache" or "password caching" might turn up exactly what you want to know. HTH -- Seth Arnold | http://www.willamette.edu/~sarnold/ Hate spam? See http://maps.vix.com/rbl/ for help
______________________________________________________ Get Your Private, Free Email at http://www.hotmail.com
Current thread:
- Re: Novell 32bit Client , Passwords Reddog Hummer (Apr 06)