Search the FAQ Archives

3 - A - B - C - D - E - F - G - H - I - J - K - L - M
N - O - P - Q - R - S - T - U - V - W - X - Y - Z
faqs.org - Internet FAQ Archives

comp.os.netware.security FAQ
Section - 2.01 - What is HACK.EXE?

( Single Page )
[ Usenet FAQs | Web FAQs | Documents | RFC Index | Neighborhoods ]


Top Document: comp.os.netware.security FAQ
Previous Document: Section 2: Software
Next Document: 2.02 - What is NOVELBFH.EXE?
See reader questions & answers on this topic! - Help others by sharing your knowledge

    HACK is a program, written at Leiden University in the Netherlands,
    which exploits the lack of packet authentication in early versions
    of NetWare 3. It enabled a user to pose as a more privileged client
    by sending requests to the server with fake source addresses.
    
    If SUPERVISOR is logged on, it attempts to send a single packet to
    the server requesting it to add Supervisor-equivalency to the
    account it is being run from.

    Novell released updated versions of the server and client software
    which would add packet authentication (using a feature called NCP
    packet signatures). The software is available from ftp.novell.com.

    NetWare 3.12 includes the updated software, but the administrator
    still has to set the correct packet signature level on both server
    and workstations.

    With NCP packet signatures active, any attempt to forge packets
    to the server will result in a message on the server console, in
    the error log, and sent to the affected client.

User Contributions:

Comment about this article, ask questions, or add new information about this topic:

CAPTCHA




Top Document: comp.os.netware.security FAQ
Previous Document: Section 2: Software
Next Document: 2.02 - What is NOVELBFH.EXE?

Single Page

[ Usenet FAQs | Web FAQs | Documents | RFC Index ]

Send corrections/additions to the FAQ Maintainer:
F.U.Mirza@sheffield.ac.uk (Fauzan Mirza)





Last Update March 27 2014 @ 02:11 PM