|
Penetration Testing
mailing list archives
Re: Pen Testing Novell
From: "ROB DIXON" <RDIXON () workforcewv org>
Date: Tue, 31 Jan 2006 09:16:29 -0500
Here are a couple of links taht may be helpful.
http://www.frsirt.com/english/product/2717
http://www.vulnerabilityscanning.com/Netware-Security.htm
Also, maybe the groupwise webaccess application isnt vulnerable, but maybe you could get in through an apache
vulnerability?
Groupwise 6.5 and 7 both running natively on Apache. depending on the service pack level of the netware OS they may be
running 1.2. Plenty of opportunity ;)
New Guy..out
Robert L. Dixon, CSO
CHFI A+
Netware/GroupWise Administrator
State of West Virginia's
Office of Techonology
Infrastructure Applications
Telephone: (304)-558-5472 ex.4225
Cellphone: (304)-549-2068
Email:rdixon () workforcewv org
"Ivan ." <ivanhec () gmail com> >>>
Jon
You can find some info here, might be a little old.
http://www.nmrc.org/project/pandora/
http://www.nmrc.org/pub/
cheers
Ivan
On 1/25/06, Jon Gucinski <Jgucinski () midwestbank com> wrote:
Has anyone ever run a pen test against Novell GroupWise or Novell
Directory Services? Can you recommend any good ways to test security,
snag a password file, etc?
Thanks,
-Jon
NOTICE: This electronic mail message and any files transmitted with
it are intended exclusively for the individual or entity to which it
is addressed. The message, together with any attachment, may contain
confidential and/or privileged information. Any unauthorized review,
use, printing, saving, copying, disclosure or distribution is
strictly prohibited. If you have received this message in error,
please immediately advise the sender by reply email and delete all
copies.
------------------------------------------------------------------------------
Audit your website security with Acunetix Web Vulnerability Scanner:
Hackers are concentrating their efforts on attacking applications on your
website. Up to 75% of cyber attacks are launched on shopping carts, forms,
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are
futile against web application hacking. Check your website for vulnerabilities
to SQL injection, Cross site scripting and other web attacks before hackers do!
Download Trial at:
http://www.securityfocus.com/sponsor/pen-test_050831
-------------------------------------------------------------------------------
------------------------------------------------------------------------------
Audit your website security with Acunetix Web Vulnerability Scanner:
Hackers are concentrating their efforts on attacking applications on your
website. Up to 75% of cyber attacks are launched on shopping carts, forms,
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are
futile against web application hacking. Check your website for vulnerabilities
to SQL injection, Cross site scripting and other web attacks before hackers do!
Download Trial at:
http://www.securityfocus.com/sponsor/pen-test_050831
-------------------------------------------------------------------------------
------------------------------------------------------------------------------
Audit your website security with Acunetix Web Vulnerability Scanner:
Hackers are concentrating their efforts on attacking applications on your
website. Up to 75% of cyber attacks are launched on shopping carts, forms,
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are
futile against web application hacking. Check your website for vulnerabilities
to SQL injection, Cross site scripting and other web attacks before hackers do!
Download Trial at:
http://www.securityfocus.com/sponsor/pen-test_050831
-------------------------------------------------------------------------------
 By Date 
By Thread
Current thread:
|
Intro
