IT Baseline Protection Manual - The Information Warfare Site

Networked Systems Novell Netware 3.x
_________________________________________________________________________________________
6.5 Novell Netware 3.x
Description
Novell
A LAN with PCs that are networked with the network
Netware
operating system Novell Netware 3.x is considered. The PCs
3.x
can be equipped with hard disks, CD-ROMs and floppy disk
drives. One, or possibly more printers, can be connected as
waiting loop printers. The subject of this chapter is the
Novell 3.x network in a client-server function. Thus, this
chapter is a supplement to chapter 6.1 and is operatingsystem
specific.
The functions of so-called Accounting will not be considered.
Note: File and program names will always be written in capital letters and italics (e.g.
SYS:PUBLIC\SYSCON.EXE).
Threats and the necessary measures that arise have been put together on the basis of Novell versions
3.11 and 3.12. Due to the presence of various patch levels in the network operating-system, not all
threats might apply to every variant of Novell Netware 3.x.
Threat Scenario
For IT baseline protection, the following typical threats will be considered.
Force Majeure
- T 1.2 Failure of the IT system
Organisational shortcomings:
- T 2.33 Siting of Novell Netware Servers in an insecure environment
- T 2.34 Absence of or inadequate activation of Novell Netware safeguards
- T 2.58 Novell Netware and date conversion to the year 2000
Technical Failure:
- T 4.1 Disruption of power supply
Deliberate Acts:
- T 5.23 Computer viruses
- T 5.43 Macro viruses
- T 5.54 Deliberately causing an Abnormal End
- T 5.55 Login Bypass
- T 5.56 Temporary free-access accounts
- T 5.57 Network analysis tools
- T 5.58 Hacking Novell Netware
- T 5.59 Misuse of administrator rights in the Novell Netware network
_________________________________________________________________________________________
IT-Baseline Protection Manual: Otober 2000