Module 17 –Novell Hacking


Novell Netware basics
•   Object model
•   Access control lists
•   Rights
•   Levels of access
•   Packet signature


Before we discuss attack methodologies, we will quickly visit Netware architecture. Remember that Netware Directory Services (NDS) was the inspiration for Microsoft’s Active Directory Services. This is a simple view of the object model; explain trustees, rights and discuss items such as Packet Signature, and the level of access.

Object Model: All parts of the overall Novell system are objects. Each of these objects can be thought of as an individual item, and objects can be grouped together for easier administration.

Access Control List: Each object in the security model has an Access Control List, or ACL. This decides what level of access is needed to use the resource. Objects can have rights assigned to them to determine what other objects they can access. The rights assigned to each object are pretty detailed, and can allow for various levels of reading and modification.

Rights: Objects are clustered together in a hierarchy. There are parent and child relationships between objects. When a new object is created, it receives a “default” set of access controls. These are inherited from the parent. To prevent excessive rights from inheriting farther down the chain, there are “inherited rights filters” [In Active Directory, this is integrated into Group Policy] which help control the flow of inherited rights. At the file system level are trustee rights.  These are rights assigned which determine an object’s ability to access a file or directory.

 
       =====Access levels====

There are a total of 5 different levels of access that can be logically defined form the security model—not logged in, logged in, supervisory access, administrative access, and console access.

•   Not logged in – If an object has Public read access, then the object can be read without authentication, assuming the object can be accessed.
•   Logged in – If a user has authenticated, they will have additional access to objects. This additional access is typically basic minimal access to allow the user to use the system.
•   Supervisory rights – If a user can administer another object, control and manipulate the object’s properties, and/or reassign rights to others for this object.
•   Administrative rights –Overall control of the security model is considered administrative access. While it is possible to hide portions of the model, typically this level of access allows almost complete control. 
•   Console access – Access to the NetWare server console is the highest level of access possible. While the controls are not as easy to use, console access can override all other access levels imposed by the administrators.

=====Packet Signature====

Another feature of Netware is the packet signature. Packet Signature is an intriguing idea in that it suggests that all packets moving in and out of the server are cryptographically signed to prevent forgery. It should be noted that Packet Signature does not encrypt any data; it adds security by using a digital signature.
There are 4 levels of Packet Signature: 0 – No Packet Signature; 1 – No Packet Signature unless explicitly asked; 2 – Packet Signature unless explicitly asked not to; and 3 – Communication using Packet Signature only. 
Now that we have covered the Novell Netware basics, we can go into the details of security and hacking.