IT Baseline Protection Manual - The Information Warfare Site

Threats Catalogue Deliberate Acts Remarks
____________________________________________________________________ .........................................
T 5.58 Hacking Novell Netware
"Hacking Novell Netware" can principally be carried out in two ways.
Firstly, a targeted attack against a user account can be carried out from a
workstation in order to find out the password.
A targeted attack against a user account can take place via a so-called brute
force attack, in which a workstation (status: attached) with the help of an
algorithm or the provided dictionary, generates passwords and tries them out,
thus attempting to login to a previously established user account.
By using the program HACK.EXE an authorised user can carry out an attack
against the supervisor's account. By taking advantage of a weakness in the
operating system, all users of the Novell Netware server can be put in a
position equivalent to that of a supervisor. Also, the supervisor can be logged
out or his password changed, given the supervisor is logged on when
HACK.EXE is activated.
Furthermore, an attack can be carried out via direct manipulation of the server,
for example, to generate an account equivalent to that of a supervisor.
By loading and activating NLMs (Netware Loadable Modules), which were
developed as emergency tools, it is possible, for example, to create a special
user whose privileges on the Novell Netware server are equivalent to those of
a supervisor.
These tools, such as SETPWD.NLM, also function in Netware 4 networks. In
this context it is, therefore, advisable to once again refer to S 1.42 Secure
siting of Novell Netware Servers.
Most of these programs are freely available on the Internet. As regards their
operation, they can be used by "amateurs" as no specific knowledge of Novell
Netware is necessary.
____________________________________________________________________ .........................................
IT-Baseline Protection Manual: Oktober 2000