Solved

NetWare 5.1 Password Questions

Posted on 2004-09-22
6
232 Views
Last Modified: 2012-06-21
Do you know of a password tool that will search for simple Novell username passwords and let us know if they don't meet our 8-character complex password requirement (numbers + letters)?  

Also, is there a password cracking tool that'll allow me to try and crack our user's current passwords to make sure we're secure?  I need to somehow export the user's passwords and test since I don't want to lock out accounts on a live server.
0
Comment
Question by:alfalibra
  • 3
  • 3
6 Comments
 
LVL 34

Accepted Solution

by:
PsiCop earned 500 total points
Comment Utility
These queries tread dangerously close to the limits of the EE Member Agreement. Even if I knew I password cracking tools for the NetWare environment, I wouldn't tell you that I did or tell you what they are. That's simply not done around here. If you have a legit need for a security audit, hire a legit security auditing contractor, or go to school to develop the necessary expertise.

There is no password cracking or password export in the NetWare environment. The passwords are not stored in plain text - they are encrypted, using a trapdoor algorithim. There is no way (in theory) to take an encrypted password and reverse the encryption to get the original password. Any cracks have to be brute-force, and that's what the Intruder Lockout function is there to prevent (you DO use Intruder Lockout, right?).

If you want to make sure all user passwords in your organization meet your 8-character minimum, that is simple:

1) Set all accounts to require a password, and to require an 8-character minimum, and to a limited number of grace logins
2) Expire the current password on all existing accounts

You may wish to exempt "service" accounts or accounts with a special purpose. Anyway, all users will be forced to change their password (if they don't, they'll eventually be locked out - how soon that happens depends on the number of grace logins you specify), and the new password will have to be a minimum of 8 characters.

There is, unfortunately, no ready way to enforce a password complexity requirement (only a length requirement) in the stock NetWare environment. You'd have to custom code that, or find someone who's done it in a open-source fashion. I don't know anyone offhand.

I think you will find the JRB Utilities (http://www.jrbsoftware.com) of a great deal of use as you audit your environment. You should invest in such a tool.
0
 
LVL 35

Expert Comment

by:ShineOn
Comment Utility
What you should do, if you want to enforce strong passwords, is upgrade your NetWare.  NetWare 6.x, using the latest eDirectory version, can enforce strong passwords, limit password length (min and max), use a dictionary of common words to disallow their use, and more.
0
 
LVL 35

Expert Comment

by:ShineOn
Comment Utility
I just mentioned a way to enforce complexity in the stock NetWare environment, by the way...
0
How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

 
LVL 34

Expert Comment

by:PsiCop
Comment Utility
He'd have to upgrade, but I confess I didn't know what about v6.5/eDir 8.7.3. Can you point out some docs on that?
0
 
LVL 35

Expert Comment

by:ShineOn
Comment Utility
It's part of the NMAS, which was rolled into eDirectory 8.7.3 - no longer a separate product.  If you look at the eDir 8.7.3 docs, it tells about it.  I'm kind of on hold, in the middle of implementing it.
0
 
LVL 34

Expert Comment

by:PsiCop
Comment Utility
Ah. NMAS. We don't use it, so I never explored it. Thanks for clarifying.
0

Featured Post

Do You Know the 4 Main Threat Actor Types?

Do you know the main threat actor types? Most attackers fall into one of four categories, each with their own favored tactics, techniques, and procedures.

Join & Write a Comment

Describes a method of obtaining an object variable to an already running instance of Microsoft Access so that it can be controlled via automation.
HOW TO: Install and Configure VMware vSphere Hypervisor 6.5 (ESXi 6.5), Step by Step Tutorial with screenshots. From Download, Checking Media, to Completed Installation.
Access reports are powerful and flexible. Learn how to create a query and then a grouped report using the wizard. Modify the report design after the wizard is done to make it look better. There will be another video to explain how to put the final p…
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…

772 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now