|
Top Document: comp.os.netware.security FAQ Previous Document: 1.02 - Is the execute-only flag secure? Next Document: 1.04 - Can the server be infected with a computer virus? See reader questions & answers on this topic! - Help others by sharing your knowledge
Since Novell NetWare 3, passwords are sent to the server encrypted
using a hashing function. The three password functions (Login,
Change password, Verify password) have a pretty secure protocol,
such that the information gathered by packet sniffers cannot be
used to reconstruct the event or determine the password.
Some very old software use the NetWare 2 unencrypted password calls.
These can be captured and used, since these passwords are sent in
plaintext.
Packet sniffers can capture just about all other information that
is transmitted on the LAN. This includes telnet/ftp passwords, etc.
User Contributions:Top Document: comp.os.netware.security FAQ Previous Document: 1.02 - Is the execute-only flag secure? Next Document: 1.04 - Can the server be infected with a computer virus? Single Page [ Usenet FAQs | Web FAQs | Documents | RFC Index ] Send corrections/additions to the FAQ Maintainer: F.U.Mirza@sheffield.ac.uk (Fauzan Mirza)
Last Update March 27 2014 @ 02:11 PM
|
comp.os.netware.security FAQ
Section - 1.03 - Can a packet-sniffer capture passwords?
Search the FAQ Archives
N - O - P - Q - R - S - T - U - V - W - X - Y - Z
comp.os.netware.security FAQ
Section - 1.03 - Can a packet-sniffer capture passwords?
( Single Page
)
[ Usenet FAQs | Web FAQs | Documents | RFC Index | Cities ]
Comment about this article, ask questions, or add new information about this topic: