Educause Security Discussion mailing list archives
Re: Secure Password Distribution for Exchange Migration
From: Rich Graves <rgraves () CARLETON EDU>
Date: Thu, 8 Dec 2011 13:17:31 -0600
You don't say how Cyrus is checking passwords, but you mention Netware. If you are using Universal Password, then lots of tools are available to extract the cleartext password from NDS. One is http://ldapwiki.willeke.com/wiki/DumpEdirectoryPasswordInformationTool If your Cyrus installation is using using neither Kerberos nor NetWare, then you can intercept passwords at PAM layer if applicable, or worst case with minor changes to Cyrus source code. -- Rich Graves http://claimid.com/rcgraves Carleton.edu Sr UNIX and Security Admin CMC135: 507-222-7079 Cell: 952-292-6529
Current thread:
- Secure Password Distribution for Exchange Migration David Treble (Dec 08)
- Re: Secure Password Distribution for Exchange Migration Joel Rosenblatt (Dec 08)
- Re: Secure Password Distribution for Exchange Migration Rich Graves (Dec 08)
- Re: Secure Password Distribution for Exchange Migration Rob Whalen (Dec 09)
- Re: Secure Password Distribution for Exchange Migration David Treble (Dec 09)
- security. Bringing up SAS70 requirements once again. David Grisham (Dec 11)
- Re: security. Bringing up SAS70 requirements once again. Doug Markiewicz - EDUCAUSE (Dec 12)
- Re: security. Bringing up SAS70 requirements once again. Soldi, Miguel (Dec 12)
- Re: security. Bringing up SAS70 requirements once again. David Grisham (Dec 12)
- security. Bringing up SAS70 requirements once again. David Grisham (Dec 11)
- FW: [SECURITY] security. Bringing up SAS70 requirements once again. Sarazen, Daniel (Dec 12)
- Re: security. Bringing up SAS70 requirements once again. David Clift (Dec 12)