|
|
The standard set up of a new user account does not involve a password. As far as the network operating system is concerned there is no obligation to assign a password, although this can be set up in the standard settings ("Default Account Balance/Restrictions"). The newly set-up user-accounts are openly accessible to anyone without requiring a password. The more privileged the account is on the Novell Netware server, the higher is the threat of the so-called "race on new accounts".
In this context it must be taken into account that different versions (e.g. vers. 3.75, vers. 3.76) of Netware Utilities SYS:\PUBLIC\SYSCON.EXE transmit an unencrypted password across the network, if the system administrator has used a new password.
| © Copyright
by Bundesamt für Sicherheit in der Informationstechnik |
last update: July 1999 |