From: ROB DIXON (RDIXON@workforcewv.org)
Date: Tue Jan 31 2006 - 09:16:29 EST
Here are a couple of links taht may be helpful.
http://www.frsirt.com/english/product/2717
http://www.vulnerabilityscanning.com/Netware-Security.htm
Also, maybe the groupwise webaccess application isnt vulnerable, but maybe you could get in through an apache vulnerability?
Groupwise 6.5 and 7 both running natively on Apache. depending on the service pack level of the netware OS they may be running 1.2. Plenty of opportunity ;)
New Guy..out
Robert L. Dixon, CSO
CHFI A+
Netware/GroupWise Administrator
State of West Virginia's
Office of Techonology
Infrastructure Applications
Telephone: (304)-558-5472 ex.4225
Cellphone: (304)-549-2068
Email:rdixon@workforcewv.org
>>> "Ivan ." <ivanhec@gmail.com> >>>
Jon
You can find some info here, might be a little old.
http://www.nmrc.org/project/pandora/
cheers
Ivan
On 1/25/06, Jon Gucinski <Jgucinski@midwestbank.com> wrote:
> Has anyone ever run a pen test against Novell GroupWise or Novell
> Directory Services? Can you recommend any good ways to test security,
> snag a password file, etc?
>
> Thanks,
>
> -Jon
>
> NOTICE: This electronic mail message and any files transmitted with
> it are intended exclusively for the individual or entity to which it
> is addressed. The message, together with any attachment, may contain
> confidential and/or privileged information. Any unauthorized review,
> use, printing, saving, copying, disclosure or distribution is
> strictly prohibited. If you have received this message in error,
> please immediately advise the sender by reply email and delete all
> copies.
>
>
> ------------------------------------------------------------------------------
> Audit your website security with Acunetix Web Vulnerability Scanner:
>
> Hackers are concentrating their efforts on attacking applications on your
> website. Up to 75% of cyber attacks are launched on shopping carts, forms,
> login pages, dynamic content etc. Firewalls, SSL and locked-down servers are
> futile against web application hacking. Check your website for vulnerabilities
> to SQL injection, Cross site scripting and other web attacks before hackers do!
> Download Trial at:
>
> http://www.securityfocus.com/sponsor/pen-test_050831
> -------------------------------------------------------------------------------
>
>
------------------------------------------------------------------------------
Audit your website security with Acunetix Web Vulnerability Scanner:
Hackers are concentrating their efforts on attacking applications on your
website. Up to 75% of cyber attacks are launched on shopping carts, forms,
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are
futile against web application hacking. Check your website for vulnerabilities
to SQL injection, Cross site scripting and other web attacks before hackers do!
Download Trial at:
http://www.securityfocus.com/sponsor/pen-test_050831
-------------------------------------------------------------------------------
------------------------------------------------------------------------------
Audit your website security with Acunetix Web Vulnerability Scanner:
Hackers are concentrating their efforts on attacking applications on your
website. Up to 75% of cyber attacks are launched on shopping carts, forms,
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are
futile against web application hacking. Check your website for vulnerabilities
to SQL injection, Cross site scripting and other web attacks before hackers do!
Download Trial at:
http://www.securityfocus.com/sponsor/pen-test_050831
-------------------------------------------------------------------------------
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:55:25 EDT