Re: Pen Testing Novell

[HObbES <hobbes () maple vaxer net>]

Have you tried Pandora by Simple Nomad?

http://www.nmrc.org/project/pandora/index.html

-HObbES

This one time, ROB DIXON wrote:
> Here are a couple of links taht may be helpful.
>
> http://www.frsirt.com/english/product/2717
>
> http://www.vulnerabilityscanning.com/Netware-Security.htm
>
> Also, maybe the groupwise webaccess application isnt vulnerable, but maybe you could get in through an apache 
> vulnerability?
>
> Groupwise 6.5 and 7 both running natively on Apache. depending on the service pack level of the netware OS they may 
> be running 1.2. Plenty of opportunity ;)
>
> New Guy..out
>
> Robert L. Dixon,  CSO
> CHFI A+
> Netware/GroupWise Administrator
> State of West Virginia's 
> Office of Techonology
> Infrastructure Applications
> Telephone: (304)-558-5472 ex.4225 
> Cellphone: (304)-549-2068
> Email:rdixon () workforcewv org
> > > > "Ivan ." <ivanhec () gmail com>  >>>
> Jon
>
> You can find some info here, might be a little old.
>
> http://www.nmrc.org/project/pandora/
>
> http://www.nmrc.org/pub/
>
> cheers
> Ivan
>
> On 1/25/06, Jon Gucinski <Jgucinski () midwestbank com> wrote:
> > Has anyone ever run a pen test against Novell GroupWise or Novell
> > Directory Services?  Can you recommend any good ways to test security,
> > snag a password file, etc?
> >
> > Thanks,
> >
> > -Jon
> >
> > NOTICE: This electronic mail message and any files transmitted with
> > it are intended exclusively for the individual or entity to which it
> > is addressed. The message, together with any attachment, may contain
> > confidential and/or privileged information. Any unauthorized review,
> > use, printing, saving, copying, disclosure or distribution is
> > strictly prohibited. If you have received this message in error,
> > please immediately advise the sender by reply email and delete all
> > copies.
> >
> >
> > ------------------------------------------------------------------------------
> > Audit your website security with Acunetix Web Vulnerability Scanner:
> >
> > Hackers are concentrating their efforts on attacking applications on your
> > website. Up to 75% of cyber attacks are launched on shopping carts, forms,
> > login pages, dynamic content etc. Firewalls, SSL and locked-down servers are
> > futile against web application hacking. Check your website for vulnerabilities
> > to SQL injection, Cross site scripting and other web attacks before hackers do!
> > Download Trial at:
> >
> > http://www.securityfocus.com/sponsor/pen-test_050831
> > -------------------------------------------------------------------------------
>
> ------------------------------------------------------------------------------
> Audit your website security with Acunetix Web Vulnerability Scanner:
>
> Hackers are concentrating their efforts on attacking applications on your
> website. Up to 75% of cyber attacks are launched on shopping carts, forms,
> login pages, dynamic content etc. Firewalls, SSL and locked-down servers are
> futile against web application hacking. Check your website for vulnerabilities
> to SQL injection, Cross site scripting and other web attacks before hackers do!
> Download Trial at:
>
> http://www.securityfocus.com/sponsor/pen-test_050831
> -------------------------------------------------------------------------------
>
>
>
> ------------------------------------------------------------------------------
> Audit your website security with Acunetix Web Vulnerability Scanner: 
>
> Hackers are concentrating their efforts on attacking applications on your 
> website. Up to 75% of cyber attacks are launched on shopping carts, forms, 
> login pages, dynamic content etc. Firewalls, SSL and locked-down servers are 
> futile against web application hacking. Check your website for vulnerabilities 
> to SQL injection, Cross site scripting and other web attacks before hackers do! 
> Download Trial at:
>
> http://www.securityfocus.com/sponsor/pen-test_050831
> -------------------------------------------------------------------------------
--
It is proverbial that from   (\`--/') _ _______ .-r-.  
a hungry tiger and an         >.~.\ `` ` `,`,`. ,'_'~`.          
affectionate woman there is  (v_," ; `,-\ ; : ; \/,-~) \            
no escape. -Ernest Bramah     `--'_..),-/ ' ' '_.>-' )`.`.__.')   
hobbes at vaxer dot net      ((,((,__..'~~~~~~((,__..'  `-..-'fL    

------------------------------------------------------------------------------
Audit your website security with Acunetix Web Vulnerability Scanner: 

Hackers are concentrating their efforts on attacking applications on your 
website. Up to 75% of cyber attacks are launched on shopping carts, forms, 
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are 
futile against web application hacking. Check your website for vulnerabilities 
to SQL injection, Cross site scripting and other web attacks before hackers do! 
Download Trial at:

http://www.securityfocus.com/sponsor/pen-test_050831
-------------------------------------------------------------------------------