Bugtraq mailing list archives
Re: FW: Vulnerability in Novell Netware
From: Krzysztof Halasa <khc () INTREPID PM WAW PL>
Date: Fri, 16 Mar 2001 14:15:02 +0100
Jeffrey Seaton <jseaton () TCSERVE COM> writes:
Yeah I took a look at this but it is not a problem at all. If a system administrator is worried about someone logging in as a print server just extend the objects attributes and add a simultaneous login attribute. You can set this to 1 and only the print server will login. You can do this with Console1 or schemax. These are free utilities with Novell.
It isn't very useful, one can login when the real print server is down. You can also add station address restrictions for the print server object (probably using some non-Novell supplied utils). The real security measure is, as always, assigning the print server a password (and even that might be circumvented by a MITM attack). BTW: I haven't done any programming with Netware for few years, but I remember there is a 'set' command to disable "change to client rights" feature. Another thing which comes to mind is using regular account for printing, not root^H^H^H^Hadmin account. -- Krzysztof Halasa Network Administrator
Current thread:
- Re: Vulnerability in Novell Netware, (continued)
- Re: Vulnerability in Novell Netware Thomas M. Payerle (Mar 13)
- Re: Vulnerability in Novell Netware Jacek Lipkowski (Mar 14)
- Re: Vulnerability in Novell Netware Jon Miner (Mar 14)
- Re: Vulnerability in Novell Netware Mike Glassman - Admin (Mar 12)
- Re: Vulnerability in Novell Netware Ben Ponting (Mar 12)
- Re: Vulnerability in Novell Netware Scott Smith (Mar 13)
- Re: Vulnerability in Novell Netware Matthew Firth (Mar 12)
- Re: Vulnerability in Novell Netware Simple Nomad (Mar 13)
- Re: FW: Vulnerability in Novell Netware Jeffrey Seaton (Mar 15)
- Re: FW: Vulnerability in Novell Netware Jacek Lipkowski (Mar 16)
- Re: FW: Vulnerability in Novell Netware Krzysztof Halasa (Mar 19)