Very Computer

by **White Rabb** » Sat, 25 Jan 1997 04:00:00

G'day!

I administrate a network of 10 or so Acorns.
I am new to Acorn administration, as I am used to unix ;)
It is a school lab, and I tend to worry about security.

Is there a way to mount another user without the password?
Or is there a way to crack user passwords?
Is there a way to crack the administrator password?

I'm talking about LAN mounts..

Sorry if I'm being cryptic, but I'm still getting used to it..

Thanks in advance,

David Ericson.

PS: If anyone has any info/text/scripts for security on Acorns,
I'm open for suggestions.

PPS: Sorry about the cryptic setup of this message ;)

___ ___
/ \ / \ ___________________________
/ / \_/ \ \ / Off the modem, \
\__/\ /\__/ / Thru the firewall, \
\O O/ \ Nuttin but Net. /
___/ ^ \___ / ___________________________/
\___/ /_/
_/ \_
__// \\__ White Rabbit

-=-=-=- http://www.iinet.net.au/~toucan -=-=-=-=-=-=-=-=-=-=-=-=-=-

by **John Cartmel** » Sun, 26 Jan 1997 04:00:00

> I administrate a network of 10 or so Acorns.

Allow me to be sceptical!

Quote:> It is a school lab, and I tend to worry about security.

So do some of my students. It helps to keep them worried if I don't tell them about it.

Quote:
> Is there a way to mount another user without the password?
> Or is there a way to crack user passwords?
> Is there a way to crack the administrator password?

Tut tut.

> ___ ___
> / \ / \ ___________________________
> / / \_/ \ \ / Off the modem, \
> \__/\ /\__/ / Thru the firewall, \
> \O O/ \ Nuttin but Net. /
> ___/ ^ \___ / ___________________________/
> \___/ /_/
> _/ \_
> __// \\__ White Rabbit

Like the .sig
Hate the rest.

--
_/_/_/ _/ John Cartmell
_/ __/_/ _/_/ _/_/ using Acorn Risc PCs - and StrongARMed
_/ _/ _/ _/ _/ _/ _/ _/ UK designed and made - British software
_/_/ _/__/ _/ _/ _/ _/ supporting our own; even if it is the best ;-)

by **Richard Walke** » Sun, 26 Jan 1997 04:00:00

> I administrate a network of 10 or so Acorns.
> I am new to Acorn administration, as I am used to unix ;)
> It is a school lab, and I tend to worry about security.

> Is there a way to mount another user without the password?
> Or is there a way to crack user passwords?
> Is there a way to crack the administrator password?

> I'm talking about LAN mounts..

What kind of server are you talking about? What clients?

If it's Level 4, then /in my experience/ there will be no problems,
as long as you have a suitable password for the /only/ system user.

Access+ is apparently not terribly secure.

If you mean WindowsNT and OmniClient, then I've no idea!

Cheers, Richard.
--
For sale: Acorn Econet cards, Risc PC ARM610 card, BBC equipment...
-----------------------------------------------------------------------------
Anti-Wintel gallery: http://www.manorsch.demon.co.uk/antiwintel/ :-)

by **Ariancylc** » Tue, 28 Jan 1997 04:00:00

Quote:> I administrate a network of 10 or so Acorns.

What kinda network?

Quote:> It is a school lab, and I tend to worry about security.

Don't bother. Worrying just adds to the stress level.

Quote:> Is there a way to mount another user without the password?

Yes.

Quote:> Or is there a way to crack user passwords?

Definitely.

Quote:> Is there a way to crack the administrator password?

Several.

Quote:> I'm talking about LAN mounts..

LAN being a Local Area Network, presumably?

Quote:> Sorry if I'm being cryptic, but I'm still getting used to it..

Don't worry, things will only get worse.

Quote:> PS: If anyone has any info/text/scripts for security on Acorns,
> I'm open for suggestions.

Ban all students.
Post "If you upset any computer, or system manager, you will be shot" on
all walls.

Quote:> PPS: Sorry about the cryptic setup of this message ;)

Happens out here.

--
I won't use words again
they don't mean what I meant
they don't say what I said

by **Dickon Ho** » Wed, 29 Jan 1997 04:00:00

: > I administrate a network of 10 or so Acorns.

Sounds fun.

: > I am new to Acorn administration, as I am used to unix ;)

Ah.... both are easy to use once you learn how.

: > It is a school lab, and I tend to worry about security.

Give up now, then. Security isn't something that is easy to get right,
especially in a school environment.

: > Is there a way to mount another user without the password?

Depends on which protocol. NFS? No trouble.

: > Or is there a way to crack user passwords?

Several. My favourite is to run Crack on the /etc/passwd file, or
packet-snoop the network looking for PC-NFS RPC authenticate-user
requests. No hassle.

: > Is there a way to crack the administrator password?

Only via crack (and the like), or packetsnooping as you type it in over
the net. Basically, don't do it, and use console.

: > I'm talking about LAN mounts..

: What kind of server are you talking about? What clients?

I would imaging Unix: 'I am new to Acorn administration as I am to Unix'
tends to give the game away IMHO ;-)

: If it's Level 4, then /in my experience/ there will be no problems,
: as long as you have a suitable password for the /only/ system user.

I didn't think Level 4 was, either.

: Access+ is apparently not terribly secure.

'Not terribly' - indeed not.

: If you mean WindowsNT and OmniClient, then I've no idea!

NiceTry is vaguely secure (has C2 security IIRC, as long as there's no
mouse, keyboard, or net. attach to it - someone from Mickeysoft was on
the panel the day that happened aparently). Still, the password goes
across the network in (not quite) plaintext form as you PC-NFS log in.

--
*on Hood.

Due to Windoze NiceTry, my .sig is out of order.
Normal service will be resumed as soon as possible.
We apologise for the inconvenience.

By sending spam mailings to this address, you a: agree to receive 40MB of
random data, and b: agree to pay me 100UKP for the time spent in sending it.

by **Tor Houghto** » Thu, 30 Jan 1997 04:00:00

Quote:> Due to Windoze NiceTry, my .sig is out of order.
> Normal service will be resumed as soon as possible.
> We apologise for the inconvenience.

Hurm. You're waiting for a hotpatch, I guess.

Heh.

Tor.