Copy Link
Add to Bookmark
Report
The Lone Gunmen Issue 079
______________
| ___ ___ |
| |_ | | _| | ______ ______
|___| | | |___| |_ _| / \
| | | | | /----\/
| | | | | |
| | | | | | ___
| | | | __ | | <_ | Issue #:079
_| |_ _| |_| | | \___/ | Date:08\09\96
|______| () |_________| () \________/ ()
_ / / \ \ _
/ _ / ThE Lone Gunmen Presents: \ _ \
| | | |
| | NetWare's Intruder Detection | |
| | Written By: Yankee | |
| | | |
| | | |
| \____________________________________/ |
\________________________________________/
********************************STOP******************************************
*** In this day and age, anyone can get there hands on text philez and that***
*** means that even the yuppie kids, who don't follow directions, can (and ***
*** will probably blow there faces,hands,fingers,noses,legs,nipples,and P-P***
*** blown off, so before you continue read the File "DISCLAIMER!" that was ***
*** included in the .ZIP file. it basicly says that you cant sew me if you ***
*** get fucked. **************************************************************
******************************************************************************
Introduction
~~~~~~~~~~~~
According to Novell, about 70% of all LANs are running NetWare in one
form or another. Therefore, as the informed little computer geeks we all
want to be, it pays to know the ins-and-outs of NetWare. I'm nowhere near
an expert on the system; I've only used it once or twice, actually; and I'm
not gonna try and sound like I know it all about NetWare, either.
Some Real Information
~~~~~~~~~~~~~~~~~~~~~
While doing some research on the system for my own reasons, I discovered
a handy feature of NetWare called Intruder Detection (ID). Now, all of you
experience in NetWare probably know about this, but I'm gonna babble about it
for a while, because, for those of you that don't know, this is something
you may find useful in the future.
úùú
Intruder Detection is a precaution against password cracking. Now, if
you don't know a user's password, one way to get access to their account is
by trying some obvious passwords, like their cat's name or girlfriend or
something. The problem is that if you fail a login attempt, and the LAN's
supervisor has Intruder Detection enabled, NetWare will increase a failed
attempt counter on that user's account. When the number of failed attempts
reaches the supervisor defined value, the user is totally locked out of the
network for a preset period of time. This gives the administrators time to
check the account for security leaks or whatever so they can plug any holes
in the system before reinstating that user's account.
Note
~~~~
From what I've heard and read, a lot of supervisors turn Intruder
Detection off because they are just too lazy to go around resetting accounts
when legit users screw up their passwords. Good for you, bad for them.
Now What?
~~~~~~~~~
Now, stop for a sec and think of the benefits of this feature instead of
the deterence it might generate. What good is it to you?
úùú
Well, try purposely failing all the alotted logins on a NetWare LAN that
you know the supervisor has enable ID. Why would you want to do that? Well,
use the supervisor's account! Fail the logins, ID locks that account, and
the supervisor has to go through a hell of a lot of time and trouble to get
his own friggin' account back. A few weeks of this will annoy the piss out
of him and he'll disable Intruder Detection. Now you no longer have a limit
to crack the user's password in.
úùú
Or, you could just repeatedly fail another user's account just before you
know they need to do something important on the network so that have to go
crying to the administrator to fix it. That's almost as fun.
úùcopyright august nineteen ninety-six by yankee of the lone gunmenùú
SAUCE00NetWare's Intruder Detection Yankee ThE Lone Gunmen[TlG]19960808* P T