|
Top Document: comp.os.netware.security FAQ Previous Document: Section 2: Software Next Document: 2.02 - What is NOVELBFH.EXE? See reader questions & answers on this topic! - Help others by sharing your knowledge
HACK is a program, written at Leiden University in the Netherlands,
which exploits the lack of packet authentication in early versions
of NetWare 3. It enabled a user to pose as a more privileged client
by sending requests to the server with fake source addresses.
If SUPERVISOR is logged on, it attempts to send a single packet to
the server requesting it to add Supervisor-equivalency to the
account it is being run from.
Novell released updated versions of the server and client software
which would add packet authentication (using a feature called NCP
packet signatures). The software is available from ftp.novell.com.
NetWare 3.12 includes the updated software, but the administrator
still has to set the correct packet signature level on both server
and workstations.
With NCP packet signatures active, any attempt to forge packets
to the server will result in a message on the server console, in
the error log, and sent to the affected client.
User Contributions:Top Document: comp.os.netware.security FAQ Previous Document: Section 2: Software Next Document: 2.02 - What is NOVELBFH.EXE? Single Page [ Usenet FAQs | Web FAQs | Documents | RFC Index ] Send corrections/additions to the FAQ Maintainer: F.U.Mirza@sheffield.ac.uk (Fauzan Mirza)
Last Update March 27 2014 @ 02:11 PM
|
comp.os.netware.security FAQ
Section - 2.01 - What is HACK.EXE?
Search the FAQ Archives
N - O - P - Q - R - S - T - U - V - W - X - Y - Z
comp.os.netware.security FAQ
Section - 2.01 - What is HACK.EXE?
( Single Page
)
[ Usenet FAQs | Web FAQs | Documents | RFC Index | Forum archive ]
Comment about this article, ask questions, or add new information about this topic: