Top Document: comp.os.netware.security FAQ Previous Document: 1.02 - Is the execute-only flag secure? Next Document: 1.04 - Can the server be infected with a computer virus? See reader questions & answers on this topic! - Help others by sharing your knowledge Since Novell NetWare 3, passwords are sent to the server encrypted using a hashing function. The three password functions (Login, Change password, Verify password) have a pretty secure protocol, such that the information gathered by packet sniffers cannot be used to reconstruct the event or determine the password. Some very old software use the NetWare 2 unencrypted password calls. These can be captured and used, since these passwords are sent in plaintext. Packet sniffers can capture just about all other information that is transmitted on the LAN. This includes telnet/ftp passwords, etc. User Contributions:Top Document: comp.os.netware.security FAQ Previous Document: 1.02 - Is the execute-only flag secure? Next Document: 1.04 - Can the server be infected with a computer virus? Single Page [ Usenet FAQs | Web FAQs | Documents | RFC Index ] Send corrections/additions to the FAQ Maintainer: F.U.Mirza@sheffield.ac.uk (Fauzan Mirza)
Last Update March 27 2014 @ 02:11 PM
|
Comment about this article, ask questions, or add new information about this topic: