Security

Security

Post by White Rabb » Sat, 25 Jan 1997 04:00:00



G'day!

I administrate a network of 10 or so Acorns.
I am new to Acorn administration, as I am used to unix ;)
It is a school lab, and I tend to worry about security.

Is there a way to mount another user without the password?
Or is there a way to crack user passwords?
Is there a way to crack the administrator password?

I'm talking about LAN mounts..

Sorry if I'm being cryptic, but I'm still getting used to it..

Thanks in advance,

David Ericson.

PS: If anyone has any info/text/scripts for security on Acorns,
    I'm open for suggestions.

PPS: Sorry about the cryptic setup of this message ;)

                  ___     ___
                 /   \   /   \       ___________________________
                /   / \_/ \   \     /  Off the modem,           \
                \__/\     /\__/    /      Thru the firewall,     \
                     \O O/         \           Nuttin but Net.   /
                  ___/ ^ \___      / ___________________________/
                     \___/        /_/
                     _/ \_
                  __//   \\__        White Rabbit

-=-=-=- http://www.iinet.net.au/~toucan -=-=-=-=-=-=-=-=-=-=-=-=-=-

 
 
 

Security

Post by John Cartmel » Sun, 26 Jan 1997 04:00:00




> I administrate a network of 10 or so Acorns.

Allow me to be sceptical!

Quote:> It is a school lab, and I tend to worry about security.

So do some of my students.  It helps to keep them worried if I don't tell them about it.
Quote:

> Is there a way to mount another user without the password?
> Or is there a way to crack user passwords?
> Is there a way to crack the administrator password?

Tut tut.

>                   ___     ___
>                  /   \   /   \       ___________________________
>                 /   / \_/ \   \     /  Off the modem,           \
>                 \__/\     /\__/    /      Thru the firewall,     \
>                      \O O/         \           Nuttin but Net.   /
>                   ___/ ^ \___      / ___________________________/
>                      \___/        /_/
>                      _/ \_
>                   __//   \\__        White Rabbit


Like the .sig
Hate the rest.    

--
     _/_/_/     _/          John Cartmell
      _/ __/_/ _/_/  _/_/  using Acorn Risc PCs - and StrongARMed
  _/ _/ _/ _/ _/ _/ _/ _/ UK designed and made - British software
  _/_/ _/__/ _/ _/ _/ _/ supporting our own; even if it is the best ;-)

 
 
 

Security

Post by Richard Walke » Sun, 26 Jan 1997 04:00:00




> I administrate a network of 10 or so Acorns.
> I am new to Acorn administration, as I am used to unix ;)
> It is a school lab, and I tend to worry about security.

> Is there a way to mount another user without the password?
> Or is there a way to crack user passwords?
> Is there a way to crack the administrator password?

> I'm talking about LAN mounts..

What kind of server are you talking about? What clients?

If it's Level 4, then /in my experience/ there will be no problems,
as long as you have a suitable password for the /only/ system user.

Access+ is apparently not terribly secure.

If you mean WindowsNT and OmniClient, then I've no idea!

Cheers, Richard.
--
     For sale: Acorn Econet cards, Risc PC ARM610 card, BBC equipment...
-----------------------------------------------------------------------------
    Anti-Wintel gallery:  http://www.manorsch.demon.co.uk/antiwintel/ :-)

 
 
 

Security

Post by Ariancylc » Tue, 28 Jan 1997 04:00:00




Quote:> I administrate a network of 10 or so Acorns.

What kinda network?

Quote:> It is a school lab, and I tend to worry about security.

Don't bother. Worrying just adds to the stress level.

Quote:> Is there a way to mount another user without the password?

Yes.

Quote:> Or is there a way to crack user passwords?

Definitely.

Quote:> Is there a way to crack the administrator password?

Several.

Quote:> I'm talking about LAN mounts..

LAN being a Local Area Network, presumably?

Quote:> Sorry if I'm being cryptic, but I'm still getting used to it..

Don't worry, things will only get worse.

Quote:> PS: If anyone has any info/text/scripts for security on Acorns,
>     I'm open for suggestions.

Ban all students.
Post "If you upset any computer, or system manager, you will be shot" on
all walls.

Quote:> PPS: Sorry about the cryptic setup of this message ;)

Happens out here.

--
 I won't use words again
     they don't mean what I meant
         they don't say what I said

 
 
 

Security

Post by Dickon Ho » Wed, 29 Jan 1997 04:00:00



: > I administrate a network of 10 or so Acorns.

Sounds fun.

: > I am new to Acorn administration, as I am used to unix ;)

Ah.... both are easy to use once you learn how.

: > It is a school lab, and I tend to worry about security.

Give up now, then.  Security isn't something that is easy to get right,
especially in a school environment.

: > Is there a way to mount another user without the password?

Depends on which protocol.  NFS?  No trouble.

: > Or is there a way to crack user passwords?

Several.  My favourite is to run Crack on the /etc/passwd file, or
packet-snoop the network looking for PC-NFS RPC authenticate-user
requests.  No hassle.

: > Is there a way to crack the administrator password?

Only via crack (and the like), or packetsnooping as you type it in over
the net.  Basically, don't do it, and use console.

: > I'm talking about LAN mounts..

: What kind of server are you talking about? What clients?

I would imaging Unix: 'I am new to Acorn administration as I am to Unix'
tends to give the game away IMHO ;-)

: If it's Level 4, then /in my experience/ there will be no problems,
: as long as you have a suitable password for the /only/ system user.

I didn't think Level 4 was, either.

: Access+ is apparently not terribly secure.

'Not terribly' - indeed not.

: If you mean WindowsNT and OmniClient, then I've no idea!

NiceTry is vaguely secure (has C2 security IIRC, as long as there's no
mouse, keyboard, or net. attach to it - someone from Mickeysoft was on
the panel the day that happened aparently).  Still, the password goes
across the network in (not quite) plaintext form as you PC-NFS log in.

--
*on Hood.

Due to Windoze NiceTry, my .sig is out of order.
Normal service will be resumed as soon as possible.
We apologise for the inconvenience.

By sending spam mailings to this address, you a: agree to receive 40MB of
random data, and b: agree to pay me 100UKP for the time spent in sending it.

 
 
 

Security

Post by Tor Houghto » Thu, 30 Jan 1997 04:00:00



Quote:> Due to Windoze NiceTry, my .sig is out of order.
> Normal service will be resumed as soon as possible.
> We apologise for the inconvenience.

Hurm. You're waiting for a hotpatch, I guess.

Heh.

Tor.

 
 
 

1. Acorn Security (was Re: PC #1 SECURITY SOFTWARE )



Zat so? Really? Gosh!

I have a nifty little program on my RISC OS machine called !Fr*s*o,
which not only deletes its files _while downloading them_ but also
incorporates a state-of-the-art security module (Type5) that freezes
the machine dead if you think Bad Thoughts.

Gill Bates, eat your heart out!

mog

--

2. To use a GCC PLP II printer under DOS??

3. HSBC security service update

4. NSLookup 'Query Refused'

5. latest Microsoft Windows Security Flaws

6. P8ex cannot print Chinese characters

7. *********The best PC security program*********** 4161

8. What is the passing score for 70-129

9. Encryption/Security on RISC OS; Ipswich; Wed 3rd July 2002

10. Welwyn Hatfield Computer Club Talk on Internet Security

11. IT Security related mailing list

12. RISC OS Security on the net?

13. Security