Amiga ISO Collection

home *** CD-ROM | disk | FTP | other *** search

/ Amiga ISO Collection / AmigaDemoCD2.iso / ASCII / TEXTE / SCENE / MAGS / chap2_1.txt < prev next >

Wrap

Text File | 1994-03-26 | 72.4 KB | 1,738 lines

@BEGIN_FILE_ID.DIZ ______/\__ __/\___|___/\ /_____/\/_//_/\/___|__/\ \ tHiS fLiGhT wIlL \ ¬\\ ¬| | \__ nEvEr eNd!! \______ \| _____ |\/_/\ / |¬ \ __) / |/ \ \ \ __ / | \ / \/ \ __|___/___! \ _______/ aLpHa fLiGhT ====\/===============\/==================== Chap magazine released 2nite! @END_FILE_ID.DIZ *PHORBIDDEN PHOREST BBS ***CLOSED*** _______/\ _ _ ________ / / / \ / \ / ____ \ _______ / ______/ / / / / / / / // ___ \ Volume II, / / / /____/ / / /___/ // / / / Issue I, \ \______/\ / _____ / / ____ // /__/ / June '94 \ // / / / / / / // ______/ \_______/ \_/ \_/ \_/ \_// / /\________ / / ____ _ _ _ _ _ _ _ _ __________________/ / / \_/ C/H/A/P M A G A Z I N E Underground Status Articles in this magazine may be unsuitable for persons under the age of 18 years of age, it is upto the users sole discretion as to what material they read. If, the reader is offended easily then some articles may be unsuitable. Some articles may describe violant and sexual acts. It may be in a direct violation of the law to construct, design, or carryout any of the subjects discussed in the articles of this magazine. It is neither encouraged nor condoned to break the law in any way! In no way whatsoever will the authors, editors and contributers of this magazine accept any responsabilities for consequences that may occur for carrying out or building any devices, or other subjects discussed in this magazine. There is no warranty on material contained in this magazine, either expressed, implied or otherwise to the fitness of its acceptance or said purpose for this mahazine. Authors, contrbutors and editors will accept no responsabilities for your use of information contained in the magazine, including but not limited to, damage to equipment. ------------------------------------------------------------------------------- SECTION: [01] INDEX I-N-D-E-X [01] INDEX [02] Using UNIX Shell Scripts - Thalian [03] Complete Guide to Definity-G Systems (aka System 75) - SCOTT SIMPSON [04] How to Clear UNIX System Log Files -Thalian [05] Using/Creating Novell Loggin Scripts -Thalian [06] Novell's Netware COMPLETE Command List -Thalian [07] Global Security or Not - Cellular Phone Security -Thalian [08] Complete List of JANET Access Points -Thalian [09] What the Law Says - The Computer Misuse Act 1990 -PHISTO [10] Novell Security -BRETT WARTHEN [11] Editor's Comments -VANGUARD ------------------------------------------------------------------------------- SECTION: [02] Unix Shell Scripts UNIX SHELL SCRIPTS BY Thalian, JULY 1993 BUILT IN VARIABLES Built in variables are normally set up when users log in to the system, and are defined partially by the system and by the users' .profile files located in their home directory. The have special meanings and uses within the shell environment and can be seen by typing 'SET'. $ set EXINIT =set redraw nows sm HOME=/g/Thalian/ IFS= LOGNAME=Thalian MAIL=/usr/mail/Thalian MAILCHECK=600 PATH:=/bin:/usr/bin:/etc:/dev:/usr/ucb: PS1=# PS2=> TERM=opus-pc TZ=GMT0 $ EXINIT Defines options for the ex and vi editors. HOME Sets the users home directory. IFS A string of delimeters to seperate words in a command line. LOGNAME The name of the logged on user. MAIL Name of file to send mail messages. MAILCHECK Number of seconds between checks by the shell for mail. Above, mail is checked for every 600 seconds (10 mins) PATH Paths to other directories for command files PS1 Shell prompt. PS2 Secondary Shell prompt. Appears when more data is needed. TERM Defines the terminal type - vital for use of vi or ex. TZ Defines the time zone the system clock us using. OTHER VARIABLES MAILPATH Same as above 'path' but are paths checked for mail. SHELL Can be used to invoke another shell. SHACCT Defines the file used by the shell to write an account of each shell process. FPU Defines floating point. USER DEFINED VARIABLES Variables are defined or assigned using an equals sign. The variable name is on the left and its data is on the right. There should be NO spaces on either side of the equals sign. If the data contains special characters or spaces, quotes should be used to define it. ie. $ DEMO=HELLO WORLD Above is incorrect sytnax. This should be in quotes because the data contains a space. $ DEMO="HELLO WORLD" The above shows the correct way of defining variables. If no spaces or special characters are to be used then the quotes are not neccessary (as shown below). $ DEMO = HELLO OTHER COMMANDS CASE - Related to command tails format: CASE <word> in pattern) COMMAND LIST;; ... esac ... read command case $command in dir | DIR | Dir ) ls -x ;; vers) who;; *) echo $command not found!;; esac $ dir [path] ------------------------------------------------------------------------------- SECTION: [03] Hackers Guide to System 75 The Complete Guide to Definity G Series Systems AKA System 75 - 85 Part 1: Scott Simpson, 18th June 1992 Greets to: Invalid Media, The Missing Link, Randy Hacker, Dark Druid, Nickodemus, Mercury, Renegade, Infinity (enjoy the army!), Weirdo, TomCat, GarbageHeap, Dark Shadow and The M&M boys for their ToneLoc. I am accepting new users on my bbs, leave mail on Unphamiliar Territory if you wish to call! My board is 14.4k, and has over 250k of files, and texts. BASIC HISTORY Definity model systems became in existent in the later part of the 1970's. In 1983 AT&T came out with a revised model called 75. This system was built to hold more incoming lines, and did not have as many errors as the earlier version did. The 1983 version was replaced with a version re-written in 1986. Today the systems are referred to as G models. System 75 is now called G1 and 85 is called G2. A new model is currently available and is called the Definity G3I wich is Generic 3 w/ Intel chip, and Definity G3R which is Generic 3 w/ Risk chip. There are 3 different versions to each model. Version one is the most common, and it is a XE Single Carrier Unit. The other two version I forgot. A system will usually cost somewhere around 50 to 80 thousand dollars. You MIGHT come across a smaller version and it is called 'Merlin Legend' this system will hold about 50-100 lines. System 75 & 85 will hold around 1000 lines. Enough history!!! DISCOVERING THE SYSTEM When you find a system 75 or so, you will make a 1200/NONE connection, as for most setups have a built in 1200 baud modem. Normally the carrier number will not be in the same prefix as the business or the pbx. And the line is actually owned by at&t. Try CNA'ing a system 75 line, it will tell you that it is owned by att. Once you find a carrier, you will need to be able to display ANSI or some equivelent type of terminal graphics. I prefer ansi over strip 7+. My suggestion is to use ToneLoc which is produced by Mucho Maas, and Minor Threat. As you know this file will scan for for carriers aswell as tones. This file can be found on just about every ELITE H/P bbs. GETTING INTO THE SYSTEM Getting into the system is the easy part if you have the defaults. I will not give out any defaults, you must find them on your own, and you will find out that alot of people are not willing to trade for them. The one account I will give is BROWSE PW:??????. This default will enable you to snoop around and tell whether or not they have a pbx, providing they have not changed the password or restricted the account. Browse is usually a full operational account without the privledges of altering any data. But I have come across a couple of systems where browse wouldnt do anything. Using the browse account is a good way to start. It is also good to use anytime you call and dont plan on changing anything. All actions by browse are not kept in the system history file. Now on to the actual commands. USING SYSTEM 75 After logging on to 75, there are several accounts available depending on the default you are using. This part will e for the basics and the people using browse. I will explain more next for the more advanced people. When you logon you will have the commands: LIST, DISPLAY and a couple others that dont matter. These are the only ones that you will need with browse. First type 'DIS REM' (display remote access). If there is a pbx set on the system, it will be shown on the extension line. The barrier code is the code to the dialup. The extension lie can either be 3 or 4 digits. Usually if its 3 digits, it is run off of AUDIX (automated directory exchange) or are smart and are hidding the last digit! Next display the trunk groups, this will tell you the actual dialups; normally. If they are not, dont panic. As you go thru the trunk groups, look also at the incoming destination aswell as the night destination. If any of these show the remote extension here, there is your pbx. If doesnt, keep looking thru all of the trunk groups. Write down all of the phone numbers it gives you, and try them. They will usually be found on page three or so. Alot of the time, places call forward a back line or so to the actual pbx. If there is no remote access extension when you display the remote access, then you are shit out of luck unless you have a higher default and read the rest of this text. SETTING UP YOUR OWN PBX If you have a higher default, you will notice if you type help you have more commands that are available to you, such as: change, download, etc... Remember, the company can change the privledges of the defaults, so if you can not see these commands, use another default. The first thing you want to do is display the dialplan, this will tell you the amount of digits and the first digit of all of the sequences. ie... Number of Digits -------1----2----3----4----5----6----7----8----9 -- F 1 I 2 Tac R 3 S 4 Fac T 5 6 Extension D 7 Extension I 8 Tac G 9 I 0 T * # All extensions will start with either a 6 or a 7 and will be 4 digits long. The Tac is 2 digits long and will start with either a 2 or an 8. Dont worry about FAC or any others. After you have made notes of this, type "ch rem" (this command is for change remote number) sand goto the extension line and put in an extension. Next find the trunk group that you want to use, then type "ch trunk #" (this is to change the trunk number), goto the line for night service and putthe extension in there. If there is already an extension for the night service on all trunks dont fear, KEEP READING. IF there is not, add it, then save it. If it says invalid extension, you must have misread the dialplan. If you pick an extension that is already in use it will tell you when you try to install the remote extension in the remote address. Once all of this is completed, you may go back to the remote access and add a code if you like, NEXT IS VERY IMPORTANT! Look at the trunk that you have installed night service and write down it's Class Of Restriction (COR) number. Cancle that command and type "dis cor #". Make sure that the Facilities Restriction Level (FRL) at the top is set to 7!!!! and under calling party restrictions and called party restrictions the word NONE (lower case) is there! If they are not type the Feature Access Codes (FAC) for them. Last, type "dis feature" this will display something like access codes for the system. There will be a line that says something like SMDR Access Code. This will be the code tgat you enter after the barrier code, if there is one. I have seen something like *6 etc... Also there will be on page 2 I think something to the like outside call, usually it is set to 9, but be sure. Thats about it for this segment. All should be fine at this point, for those that want a 24 hour pbx, this next section is for you. PART 2 by Scott Simpson, 22nd June 1992. For those of you that are greedy, and want a 24 hour pbx, most of the steps above are the same. The only difference is that you will look through all of the trunks until you come across one that has several incoming rotory lines in it, simply write down the port number, and the phone number for future reference, and delete it by using the ch command. From the main prompt type 'add tru #', dont change anything! For the TAC enter a correct tac number. Keep going to you get till the COR, enter a valid one, and remember that the FRL should be set to 7 etc... keep going, the next line that is vacant and needs something is the incoming destination set it to remote extension that you have created. The next vacant line i think is type, towards the middle of the page. Enter ground, and it should print out ground-start. Hmm, next goto page 3 and enter the port and phone number that you wrote down earlier. Save all of the changes that you have made. This should be all you need. In part, if there is a demand, I will tell how to make a bridge off of a 75. It is alot more diffucult, and am not going to sit here and type if no one is interested. Also in part 2, i will discuss how to add a vmb to their system for your own use! Remember, if they have AUDIX Voice Mail, THEY HAVE a system 75 so happy hunting, and see ya soon. If you need to get ahold of me, I call The Million Dollar Saloon, Unphamiliar Territory. Just leave mail there, and I will reply as soon as possible. GLOSSARY OF TERMS COR Class Of Restriction FRL Facilities Restriction Level SMDR Station Message Detail Recording TAC Trunk Access Code FAC Feature Access Code BASIC COMMANDS FOR DEFAULR EMULATION Esc Ow - Cancel Esc [U - Next Page Esc SB - Save Esc Om - Help COMMANDS FOR 4410 Esc Op - Cancel Esc Ot - Help Esc Ov - Next Page Esc Ow - Back Page Esc OR - Save Esc Oq - Refresh Esc Os - Clear Fields ------------------------------------------------------------------------------- SECTION: [04] Clear UNIX Log Files I get asked quite often how to clear the system log files, well, maybe if I distributed this simple information maybe people would stop asking? The three system log files are can be cleared by entering the following commands; /dev/null >> /usr/lib/cron/log /dev/null >> /usr/adm/sulog /dev/null >> /etc/wtmp The above commands will completely clear the system log files, the log file can also be edited using the UNIX text editors. ie, Ed /etc/wtmp - Thalian ------------------------------------------------------------------------------- SECTION: [05] Novell's Netware - Login Scripts %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% %% %% %% Thalian of The Phorbidden Phorest, Presents %% %% %% %% Novell - NetWare v2.2 %% %% %% %% Login Scripts %% %% %% %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% Documentation Contents: Disclaimer.........................................Section 1 Introduction to login scripts......................Section 2 Login script conventions...........................Section 3 Login script commands..............................Section 4 Creating/Modifying system login script.............Section 5 Sample system login script.........................Section 6 Creating/Modifying user login scripts..............Section 7 Sample user login script...........................Section 8 Use identifier variables in login scripts..........Section 9 Closing Comments...................................Section 10 SECTION 1 - Disclaimer This documentation file was written by Thalian of the International Tourists. The author makes no representations to the contents or use of this documentation and specifically disclaims any express or implied warranties of merchantability or fitness for a particular purpose and is not held responsible for the misuse of this information, including damage. SECTION 2 - Introduction To Login Scripts Login scripts are similar to configurable batch files and are executed when a user logs in. Netware uses three kinds of scripts: Default Executes if system and user scripts are not created. System Created by the supervisor. Contains mappings and other commands to be executed for all users. User Created by the user or supervisor. Contains commands specific to the particular user's environment. Executes after the system script (overwrites conflicting commands). If user scripts are not created, NetWare executes the default script (can overwrite system mappings). SECTION 3 - Login Script Conventions AS a general rule, commands entered into login scripts require the same format as they would if they were entered at the command line. Refer to the following guidelines. Case Either upper- or lowercase. Exception: identifier variables (section 9) enclosed in quotation marks must be uppercase. Characters Per Line 150 max; 78 (screen width) characters are suggested. Commands Per Line Start each command on a new line. Netware considers lines that wrap AUTOMATICALLY as one command. End commands by pressing <Enter>. WRITE commands display better if the command (WRITE) is specified at the beginning of each wrapped line. Punctuation And Programming Symbols Type symbols (#,%," ") and punctuation exactly as shown in examples. Sequence ATTACH commands must precede MAP commands. Enter other commands in the order you want them to execute during login. If sequence is not important, group similar commands (all MAP commands, for example) to make them easier to read. Blank Lines Have no effect on login script execution. Use them to visually seperate groups of commands. Semicolons, Asterisks and REM(ARK) Use these to insert remarks (explanations), NetWare will not interpret them as commands to be executed. Placing any of these at the beginning of a command disables the command until the symbol is removed. SECTION 4 - Login Script Commands The following chart summarizes commands used in login scripts: ATTACH Attaches users to additional file servers. BEGIN/END Must enclose nested IF...THEN commands. See sample scripts. Press <Enter> after BEGIN. BREAK ON/OFF Determines whether login script execution can be interrupted. COMSPEC Locates COMMAND.COM (DOS) file for the computer and DOS version is to be used after and application program is exited. DISPLAY and FDISPLAY Displays the text of a specified file on the screen. DOS BREAK Controls whether programs or DOS can be interrupted by pressing <Ctrl-Break> or <Ctrl-C>. DOS SET Sets a DOS variable to a specified value. DOS VERIFY Ensures that data copied to a local drive is copied correctly. DRIVE Specifies which drive is the default drive. EXIT Aborts the login precedure and allows users to access another file, program, or menu. # (External Program Execution) Allows users to exeute a command that is external to the login script. Should not be used with terminate-and-stay-resident programs. FIRE PHASERS Produces a phaser sound. IF...THEN Sets conditions under which login commands will be executed. See "identifier variables" (Section 9). INCLUDE Accesses text files (subscripts) not usually included in the login script. MACHINE Specifies which computer (machine name) is being used for the workstation in question. MAP Maps a drive to a directory on the network. PAUSE Stops login script execution until a key is pressed. (Allows users to read screen displays). PCCOMPATIBLE Informs the login program that a machine is IBM-PC Compatible. REMARK Allows users to insert descriptive comments (as opposed to commands) into the login script. WRITE Writes the specified string on the screen during login. See also "identifier variables" (p 56). SECTION 5 - Create/Modify A System Login Script The system login script sets the network environment for all users. If you create a system script, we recommend creating users scripts (Section 7), however minimal (even one space will do). If user scripts are not created, NetWare accesses a default script that may overwrite the system mappings. 1. Access SYSCON -> Supervisor Options -> System Login Script. A window appears in which you can enter login commands. 2. Do one of the following: CREATE A SCRIPT Type the commands you want to include in your system login script. Refer to the sample login script (Section 6) for suggestions. ADD A COMMAND Position the cursor at the end of the previous line. Press <Enter> and type the new command. DELETE A COMMAND Use the delete keys to remove unwanted commands. 3. Press <Esc> to confirm the entries or changes. SECTION 6 - Sample System Login Script COMMANDS DESCRIPTION MAP INS S1:=SYS:PUBLIC Inserts a search drive mapping that provides access to the NetWare utilities' directory from any other directory. MAP INS S2:=SYS:PUBLIC\%MACHINE\%OS\ Inserts a search drive mapping to the %OS_VERSION DOS directory. NetWare replaces the identifier variables (%MACHINE, %OS and %OS_VERSION) with the machine type identified in the workstation's SHELL.CFG file and the DOS operating system and DOS version specified in the COMMAND.COM file. COMSPEC=S2:COMMAND.COM Works with the MAP INSERT command above to ensure that the COMMAND.COM file will reload properly when users users exit an application. COMSPEC must be mapped to the same search drive (S2, in this example) the DOS directory is mapped to. MAP INS S3:=SYS:PUBLIC\WP Maps a search drive to a word processing application (or any other directory) all users need access to. IF LOGIN_NAME!="Supervisor" THEN Maps a drive to each user's directory MAP *1:=SYS:USERS\%LOGIN_NAME if the user is not (!=) supervisor. This example assumes that the user directories are located in SYS:USERS and that the user directory name is the same as the username. IF MEMBER OF "Accounting" THEN Maps a drive to the PAYROLL directory MAP *22:=SYS:PAYROLL if the user is a member of the accounting group. IF MEMBER OF "WRITERS" THEN BEGIN Maps a third available network drive MAP *3:=SYS:ARTICLES to the ARTICLES directory and a fourth MAP *4:=SYS:PROJECTS to the PROJECTS directory IF the user END is a member of the WRITERS group. (The drive mapping commands are enclosed by BEGIN and END because more than one command is being entered.) Press <Enter> after BEGIN. SET PROMPT = "$P$G" Set the DOS prompt to display the current drive letter and directory path. SECTION 7 - Creating/Modifying User Login Scripts Create users login scripts to modify or enhance the network environment for an individual. User scripts execute after and overwrite the system script. DO NOT use the same numbered search drives the system script uses or system search drive mappings will be overwritten. 1. Access SYSCON -> User Information, select user, and select Login Script. Modifying An Existing Script 2. Use the delete keys to delete any unneccessary commands 3. Insert new commands by positioning the cursor at the end of the previous line and press <Enter>. Type the command 4. Press <Esc> to confirm changes. Create A New Script 2. Press <Enter> 3. Type in the script in the box provided. See Section 8 for example commands. 4. Press <Esc> to confirm changes. Copy An Existing Script If a login script does not exist, an entry box will appear, containing the name of the user the script is to be created for. 2. Delete the name, type the name of the user whose script is being copied and press <Enter>. 3. Modify the copied script according to the instructions listed under 'Modifying An Existing Script'. SECTION 8 - Example User Script COMMAND DESCRIPTION map f:=pdaccounts\sys:users\Tom Maps a search drive to this user's home directory. map s16:=pdaccounts\sys:appl\wp Maps a search drive to an application this user frequently uses. #newmail brutus\sys:appl tlarson Executes the program NEWMAIL that notifies the user of new electronic mail. After the program has run, the remaining login script is executed. attach shakespeare\sys:repors\weelkly Maps a drive to a directory on the file server attached in previous line. if NDAY_OF_WEEK = "2" then begin Displays the message on Monday. write "Please delete file you own on" write "Brutus. Backup all files." end #capture q=Laser_Q nb nff Reroutes local print jobs to a network printer qeue (Laser_Q). Specifies jobs be printed without a banner (nb) and form feed is disabled (nff) Exit "MENU TOMSMENU" Exits to a menu. (Must map a search drive to directory containing menu script) SECTION 9 - Use Identifier Variables In Login Scripts The following chart lists identifier variables in IF...THEN and WRITE commands. Precede variables EMBEDDED in commands (see WRITE examples) with a percent sign (%) anfd type them in uppercase. Compare LOGIN_NAME and FULL_NAME examples. ****************************************************************************** Identifier Variable : HOUR Explanation : 1-12 Sample Login Script Command : if HOUR<"8" and AM_PM = "AM" then write "You're Early" Screen Display at login : Your Early (if login before 8am) ****************************************************************************** Identifier Variable : HOUR24 Explanation : 00-23 Sample Login Script Command : if HOUR24>"18" then write "Work Late?" Screen Display at login : Working Late? (if login after 6pm) ****************************************************************************** Identifier Variable : MINUTE/SECOND/AM_PM Explanation : 00-59 Sample Login Script Command : write "%HOUR: %MINUTE: %SECOND: " Screen Display at login : <time of login> ****************************************************************************** Identifier Variable : MONTH/MONTH_NAME Explanation : 01 - 12 / May, June Sample Login Script Command : IF MONTH_NAME="June" then write "Reports Due!" Screen Display at login : Reports Due (if loggin in June) ****************************************************************************** Identifier Variable : DAY / DAY_OF_WEEK Explanation : 01-31 / Monday, Friday Sample Login Script Command : IF DAY = "10" then Fire Phasers 3 Screen Display at login : Three phaser sounds on <day of month> ****************************************************************************** Identifier Variable : YEAR / SHORT_YEAR Explanation : 1993 / 93 Sample Login Script Command : Write "%DAY %MONTH_NAME, %YEAR" Screen Display at login : 24 June, 1993 (or system date) ****************************************************************************** Identifier Variable : LOGIN_NAME / FULL_NAME Explanation : User's Login Name / Users Full Name Sample Login Script Command : Write "Hello %LOGIN_NAME" / "Hello,";Full_Name Screen Display at login : Hello Thalian (Name of person logging in) ****************************************************************************** Identifier Variable : STATION / P_STATION Explanation : Connection Number / Node address (12 hex) Sample Login Script Command : WRITE "Hello %STATION" / WRITE "%P_STATION" Screen Display at login : Hello <station number> / Hello (node address) ****************************************************************************** Identifier Variable : GREETING_TIME Explanation : Morning, evening Sample Login Script Command : Write "Good %GREETING_TIME" Screen Display at login : Good Morning / Good evening ****************************************************************************** Identifier Variable : MACHINE / OS_VERSION / SMACHINE Explanation : Machine Name: IBM_PC/DOS Version/Short Name Sample Login Script Command : MAP S2:=SYS:PUBLIC\%MACHINE\%OS_VERSION Screen Display at login : Maps drive to DOS dir used by workstation ****************************************************************************** Identifier Variable : ERROR_LEVEL Explanation : 0 = No Errors Sample Login Script Command : IF "%ERROR_LEVEL" = "0" then EXIT DB Screen Display at login : DB executes unless error exists ****************************************************************************** Identifier Variable : MEMBER_OF <"GROUP"> Explanation : group user belongs to Sample Login Script Command : IF MEMBER_OF "SALES" then write "Meeting at 2pm" Screen Display at login : meeting at 2pm (if user is member of SALES) ****************************************************************************** Identifier Variable : PASSWORD_EXPIRES Explanation : Days to expiration Sample Login Script Command : write "Password Expires in " write "%PASSWORD_EXPIRES day(s)" Screen Display at login : Password expires in <#> days ****************************************************************************** ------------------------------------------------------------------------------- SECTION: [06] Netware v2.2 - Commands %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% %% %% %% Novell NetWare v2.2 - Command List %% %% Thalian! / Phorbidden Phorest BBS! %% %% %% %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% Here is the complete list of Novell's NetWare Commands IN BREIF. ****************************************************************************** Name : ATOTAL Location : sys:system Function : Display daily/weekly summary of accounting services Displays blocks read/written, connect time (mins) service request, and disk storage (blocks per day). (SYSPRIVS) ****************************************************************************** Name : ATTACH [server/user] Location : sys:public Function : Used to connect work station to additional fileservers on the network or internet network. ****************************************************************************** Name : BINDFIX Location : sys:system Function : Resolve following problems within NetWare. Username cannot be modified or deleted, passwords cannot be changed, error "Unkown Server" occurs while printing (SYSPRIVS) ****************************************************************************** Name : BINDREST Location : sys:system Function : Cancels effects of BINDFIX command (SYSPRIVS) ****************************************************************************** Name : BROADCAST "message" [connection number] [[and|,] connection number] Location : Coded into o/s Function : Send messages to users logged in. ****************************************************************************** Name : CAPTURE [AU|TI|NA] Location : Coded into o/s Function : Used to intercept print jobs ****************************************************************************** Name : CASTOFF Location : sys:public Function : Disallow messages to be received from other network stations ****************************************************************************** Name : CASTON Location : sys:public Function : Allow messages to be received from other network stations ****************************************************************************** Name : CHKVOL [path] Location : sys:public Function : View how much space is used and available on a volume ****************************************************************************** Name : CLEAR MESSAGE Location : Coded into o/s Function : Clear messages from display without clearing the screen ****************************************************************************** Name : CLEAR STATION [station] Location : Coded into o/s Function : Remove all file server resources from the workstation ****************************************************************************** Name : COLORPAL Location : sys:public Function : Customize color palette ****************************************************************************** Name : COMCHECK Location : On WSGEN floppy Function : Test communications between network and stations ****************************************************************************** Name : COMPSURF Location : system*2 Function : format hard drives (SYSPRIVS) ****************************************************************************** Name : CONFIG Location : Coded into o/s Function : Display o/s hardware ****************************************************************************** Name : CONSOLE Location : sys:login Function : Change file server from workstation to console mode ****************************************************************************** Name : DCONFIG Location : sys:system Function : Change LAN driver configuration ****************************************************************************** Name : DISABLE LOG[IN] Location : coded into o/s Function : Prevents users from logging in [SYSPRIVS] ****************************************************************************** Name : DISABLE TRANSACTIONS Location : coded into o/s Function : Manually disable NetWare Transaction Tracking System (TTS) (SYSPRV) ****************************************************************************** Name : DISK [*|Volume Names] Location : coded into o/s Function : monitor status of network disk drives ****************************************************************************** Name : DISKSET Location : system*1 Function : set hard drive ID (SYSPRIVS) ****************************************************************************** Name : DISMOUNT volume_number Location : coded into o/s Function : Dismount (make unavailable) a volume (SYSPRIVS) ****************************************************************************** Name : DISPLAY NETWORKS Location : coded into o/s Function : Display networks that fileserver is aware of ****************************************************************************** Name : DISPLAY SERVERS Location : coded into o/s Function : Display servers fileserver is aware of ****************************************************************************** Name : DOS Location : coded into nondedicated fileserver Function : switch nondedicated fileserver from console to DOS mode ****************************************************************************** Name : DOSGEN Location : sys:system Function : create boot files (SYSPRIVS) ****************************************************************************** Name : DOWN Location : coded into o/s Function : Shut Down (SYSPRIVS) ****************************************************************************** Name : DSPACE Location : sys:public Function : limit users available disk space ****************************************************************************** Name : ECONFIG [volume:]filename [option:parameter, [number]] Location : WSGEN Function : View Configure Ethernet EPROM (SYSPRIVS) ****************************************************************************** Name : ENABLE TRANSACTIONS Location : coded into o/s Function : Manually enable NetWare Transaction Tracking System ****************************************************************************** Name : ENDCAP [L|C|CL|ALL|CALL] Location : coded into o/s Function : end capture of work stations LPT ports ****************************************************************************** Name : FCONSOLE Location : coded into o/s Function : fine tune fileserver operation ****************************************************************************** Name : FILER Location : coded into o/s Function : View / Modify directory and file access (SYSPRIVS) ****************************************************************************** Name : FLAGDIR Location : sys:public Function : edit volume or directory attributes ****************************************************************************** Name : GRANT rightslist ... [path] [TO] [USER|GROUP] name Location : sys:public Function : Grant user group trustee assignment ****************************************************************************** Name : HELP [utilityname] Location : sys:public Function : view on*line information [about a particular utility] ****************************************************************************** Name : HOLDOFF filename Location : sys:public Function : allow users to write to a file ****************************************************************************** Name : HOLDON Location : sys:public Function : prevent users writing to a file ****************************************************************************** Name : JUMPERS Location : sys:public Function : reconfigure IPX LAN Server (SYSPRIVS) ****************************************************************************** Name : LASTDIR [path] [option...] Location : sys:public Function : view subdirectory info. Options are [/R]ights [/E]ffective Rights [/D]ate or [/T]ime, [/S]ubdirectories and show [/A]ll info. ****************************************************************************** Name : LOGOUT [fileserver] Location : sys:public Function : logout of one or more fileservers ****************************************************************************** Name : MAKEUSER Location : sys:public Function : Create new users (SYSPRIV) ****************************************************************************** Name : MAP [option] [drive: = drive:path] Location : sys:public Function : set global path to directory ****************************************************************************** Name : MENU [path] filename Location : sys:public Function : access menus you have created with a text editor ****************************************************************************** Name : MONITOR [station number] Location : coded into o/s Function : Track network activities ****************************************************************************** Name : Mount Location : coded into o/s Function : Make available [mount] a volume to users ****************************************************************************** Name : NAME Location : coded into o/s Function : Display name of fileserver ****************************************************************************** Name : NBACKUP Location : sys:public Function : backup fileserver ****************************************************************************** Name : NCOPY [path|drive:]filename [to] path|drive:filename [option...] Location : sys:public Function : Copy files ****************************************************************************** Name : NDIR [path] [/option] Location : sys:public Function : view / sort directories ****************************************************************************** Name : NPRINT [path] filename Location : sys:public Function : print files ****************************************************************************** Name : NVER Location : sys:public Function : displlay NetWare version ****************************************************************************** Name : OFF Location : coded into o/s Function : clear screen ****************************************************************************** Name : PAUDIT Location : sys:system Function : view system accounting records. audit filename is NET$ACCT.DAT ****************************************************************************** Name : PCONSOLE Location : ??? Function : Control Network Printing (SYSPRIVS) ****************************************************************************** Name : PRINTCON Location : ??? Function : setup print configs ****************************************************************************** Name : PRINTDEF Location : ??? Function : Define printer device ****************************************************************************** Name : PSTAT [S=server] [P=printername | printernumber] Location : sys:public Function : view printer status ****************************************************************************** Name : PURGE [filename|path] [/All] Location : sys:public Function : permanently delete erased files ****************************************************************************** Name : Q[UEUE] [options] Location : coded into o/s Function : list, create, delete print jobs in a queue ****************************************************************************** Name : REMIRROR nn Location : coded into fileserver Function : remirror disk drives and restore duplexing protection ****************************************************************************** Name : REMOVE [USER|GROUP] name [FROM] [path] [option...] [/SUB] Location : sys:public Function : delete user or group from group trustee list ****************************************************************************** Name : RENDIR [path] <new_dir_name> Location : sys:public Function : Rename a directory ****************************************************************************** Name : RESET ROUTER Location : coded into o/s Function : reset fileserver router table ****************************************************************************** Name : REVOKE rightlist [path] FROM [USER|GROUP] name [/SUB] Location : sys:public Function : take directory trustee rights from user or group ****************************************************************************** Name : RIGHTS [path] Location : sys:public Function : view effective rights in a directory ****************************************************************************** Name : SALVAGE [path] Location : sys:public Function : recover deleted files from anywhere on a volume ****************************************************************************** Name : SECURITY Location : sys:system Function : find file server security violations ****************************************************************************** Name : SEND "message" [to] [USER|GROUP] username/groupname Location : sys:public Function : send a message to a user or group ****************************************************************************** Name : SESSION Location : coded into o/s Function : change mappings, list user info and send mail ****************************************************************************** Name : SET TIME [month/day/year] [hour:minute:second] Location : coded into o/s Function : set system date and time ****************************************************************************** Name : SETTTS Location : sys:public Function : set transaction tracking system ****************************************************************************** Name : SETPASS [filesever/] username Location : sys:public Function : create/change password ****************************************************************************** Name : SLIST [fileserver] [/C] Location : sys:login / sys:public Function : view fileservers on internet ****************************************************************************** Name : SMODE [path] filename [mode] [/SUB] Location : sys:public Function : assign view/search mode to executable file ****************************************************************************** Name : SPOOL options Location : coded into o/s Function : list/change spooler assigns. ****************************************************************************** Name : SYSCON Location : ??? Function : Accounting ****************************************************************************** Name : SYSTIME Location : sys:public Function : view system time and date ****************************************************************************** Name : TIME Location : coded into o/s Function : view time and date ****************************************************************************** Name : TLIST [path [USER|GROUPS]] Location : sys:public Function : View trustee list ****************************************************************************** Name : TRACK OFF Location : coded into o/s Function : Turnoff display of network advertising packets ****************************************************************************** Name : TRACK ON Location : coded into o/s Function : turnon display of network advertising pavckets ****************************************************************************** Name : UNMIRROR Location : coded into o/s Function : unmirror dedicated file server ****************************************************************************** Name : UPS Location : coded into o/s Function : view status of an uninterupted power suply ****************************************************************************** Name : USERDEF Location : ??? Function : DEFINE USERS, login scripts, etc... ****************************************************************************** Name : USERLIST [fileserrver/] [name] [/option] Location : sys:public Function : view list of current users. options [/A]ddress [/O]bject [C]ont ****************************************************************************** Name : VAP Location : coded into o/s Function : view list of value added processes ****************************************************************************** Name : VER Location : Coded into o/s Function : view operating system version ****************************************************************************** Name : VERSION Location : sys:public Function : View NetWare s/w version ****************************************************************************** Name : VOLINFO Location : ??? Function : View info about each volume on fileserver ****************************************************************************** Name : VREPAIR Location : sys:system Function : recover MINOR hard drive problems ****************************************************************************** Name : WATCHDOG [start=n] [interval=n] [count=n] Location : coded into o/s Function : monitor file server connections ****************************************************************************** Name : WHOAMI Location : sys:public Function : display your user information ****************************************************************************** Name : WSUPDATE Location : ?? Function : Update workstation files from fileserver ****************************************************************************** ************************************************************************** __ ___ __ __ __ |\ ||_ | | ||__||__||_ | \||__ | |_|_|| || \|__ Novell NetWare V2.2 Informational Documentation ************************************************************************** ------------------------------------------------------------------------------- SECTION: [07] Cellular Telephone Security Global Security Or Not Courtesy Of Thalian New technology promises an end to eaves dropping on cellular telephones across the continents. But for the FBI agents on the tail of drug-traffikers, and airwave spies at the UK's Cheltenham listening post, it is much too secure. Publicity about mobile calls allegedly made by Princess Di and Prince Charles has highlighted the inherent lack of security in any radio link. There has never been any secret over this - and there have been several newspaper articles over the past five years which have painted eavesdropping with a radio 'scanners' hobby. Cellphone companies, Cellnet and Vodafone, have played down the risk because they see it as a poor advertisement for their services. As a result, Cellphone users are often remarkably indiscreet. It took the Royals' indiscretions to bring it all out in to the open. Cellnet responded with launch trials of a new scrambling system, which make calls on the existing network more secure. Vodafone reminds worried Cellphone users that if they switch to the new all-digital GSMC system (Global System for Mobile Communications), as used for Vodafone's new Micro Cellular Network, they can be sure of total security because the digital code is so tightly encrypted that no-one can crack it. Mecury has been making similar promises for its One-2-One network which will use GSMC technology when it launches later this year. And there by hangs a tail which has left the UK's Department of Trade and Idustry accused by manufacturers of destroying Europe's best-laid plans to sell GSMC technology round the world. In short, the DTI is blocking exports because encryption used by GSMC is too powerful. High-level sources say this is because the security services and military in the UK and US fear they will no longer be able to monitor telephone conversations. Few people believe that GSM needs such powerful encryption. The industry's complaint is that the DTI has awoken to the problem five years too late and has created a disastrous muddle which is crippling trade. This was borne out when I tried to get a clear policy statement on GSMC from the DTI. Responsibility for GSMC straddles two divisions in the DTI. Its technology division, which knew nothing of GSMC technology except that it has 'security implications'. ------------------------------------------------------------------------------- SECTION: [08] JANET CONNECTIONS %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% %% %% %% JANET Connections %% %% %% %% Courtesy of Thalian / Phorbidden Phorest (Pp) BBS %% %% %% %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% Below is a list of all college's and universities that are connected to the Joint Acedemic NETwork (JANET) as from 22nd June 1993. University of Aberdeen University College of Wales, Aberystwyth Anglia Polytechnic University Armagh Observatory University of Aston University College of North Wales, Bangor University of Bath Queen's University of Belfast Bishop Grosseteste College, Loncoln Bolton Institute of Higher Education Bournemouth University University of Bradford University of Brighton (Brighton Polytechnic) University of Bristol Brookes University (Oxford Polytechnic) Brunel University Buckingham College of Higher Education Camborne School of Mines University of Camebridge University of Wales College of Cardiff Canterbury Christ Church College Cardiff Institute of Higher Education University of Central England in Birmingham University of Central Lancishire Cheltnham and Gloucester College of Higher Education City University City of London Polytechnic College of St Mark and St John, Plymouth Coventry University (Coventry Polytechnic) De Montford University (Leicester Polytechnic) University of Dundee University of East Anglia University of Ease London Edge Hill College of Higher Education University of Edinborough University of Essex University of Exeter University of Glamorgan University of Glasgow University of Greenwich (Thames Polytechnic) Gwent College of Higher Education Heriot-Watt University University of Hertfordshire (Hatfield Polytechnic) University of Huddersfield (Huddersfield Polytechnic) University of Hull University of Humberside (Humberside Polytechnic) King Alfred's Winchester Kingston University (Kingston Polytechnic) University of Kent at Canterbury St David's University College University of Lancaster Leeds Metrpolitan University University of Leeds University of Leicester Linenhall Liverpool John Moores University (Liverpool Polytechnic) University of Liverpool University of London Imperial College of Science and Technology Kings College London School of Economics Queen Mary and Westfield College Royal Holloway Bedford New College University College Loughborough University of Technology Luton College of Higher Education Manchester Metropolitan University (Manchester Polytechnic) University of Manchester University of Manchester and Institute of Science and Technology (UMIST) Middlesex University (Middlesex Polytechnic) Napier University Nene College, Northampton University of Newcastle upon Tyne North East Wales Institute University of North London (North London Polytechnic) University of Northumbria at Newcastle (Newcastle Polytechnic) Nottingham Polytechnic University of Nottingham Open University University of Oxford University of Paisley (Paisley College) University of Plymouth (Polytechnic of South West) Portadown College of Further Education (Portsmouth Polytechnic) Queen Margaret College, Edinborough University of Reading The Robert Gordons University Roehampton Institute University of Salford University College of Salford Sheffield Hallam University (Sheffield City Polytechnic) University of Sheffield South Bank University (South Bank Polytechnic) University of Southampton Southampton Institute of Higher Education St Mary's College, Twickenham Staffordshire University (Staffordshire Polytechnic) University of St Andrews University of Stirling University of Strathclyde University of Sunderland (Sunderland Polytechnic) University of Surrey University of Sussex University College of Swansea Swansea Institute of Higher Education University of Teesside (Teesside Polytechnic) Thames Valley University (Polytechnic of West London) Trinity and All Saints, Leeds University of Ulster University of Warwick West London Institute of Higher Education Westminster College, Oxford University of Westminster (Polytechnic of Central London) University of the West of England at Bristol (Bristol Polytechnic) Winchester School of Art University of Wolverhampton (Wolverhampton Polytechnic) Worcester College University of York Thalian / Phorbidden Phorest (Pp) BBS ------------------------------------------------------------------------------- SECTION: [09] What The Law Says %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% %% %% %% What the Law Says %% %% The Computer Misuse Act 1990 %% %% Transcribed By Phisto! %% %% %% %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% The Computer Misuse Act came into force on August 29, 1990. The legislation, intorduced in a private member's bill by Michael Colvin, the Conservitive MP for Romsey and Waterside, introduced three offences to the statute books. The first level offence of obtaining unauthorised access to programs or data held on a computer is prosecutable only summarily by magistrates and carries a maximum penalty of six months imprisonment or a £2,000 fine, or both. An offender is only guilty of his first offence if he intended to gain access and knew at the time that such access was unauthorised, or where an "insider" knowingly exceeds the level of authorisation which s/he is entitled. Hackers face prosecution far more serious, the second level, if they obtain unauthorised access with intent to commit or facilitate the commission of further offences, such as theft, fraud or blackmail. The second level offence is prosecutable by magistrates or in Crown Courts, where it is punishable up to five years in jail OR an unlimited fine. The third level involves the unauthorised modification of computer data. This offence is/was aimed at virus creators and/or propagators. This offence is prosecutable by magistrates or in a Crown Court, where it carries a maximum of five years in jail AND an unlimited fine. ------------------------------------------------------------------------------- SECTION: [10] jdjdjdjd Hello again people. Yup, this is the only article in this magazine that has nothing to do with computers whatsoever. Ahh, man, what the hell can I write about? Music... naaaaah. Sex... naaaaah. Manchester Olympic Bid?... hahahaha! Will we ever get it? Nope. Manchester is a dump. I mean, come on, what would you choose.... Two weeks of sand, sun, and lots of sex with good looking Oz tarts? Or, two weeks of rain, rain, rain, rain, and perhaps the odd shag with small, spotty, fat red-headed Mancunian slags? Hard choice, huh? ------------------------------------------------------------------------------- SECTION: [10] Novell Security Date and Time: 09-26-1992 at 03:21:58 Originated By: Brett Warthen (BRETT @ INFINIE) There have been some discussions on various mailing lists over the past couple of weeks regarding security holes in NetWare. So, I thought it might be prudent to pass along some information before any rumors get out of hand. I don't want to create any alarm or encourage attempts to break network security. I also must state up front that I personally find the actions of the Dutch Novers s mbe tremely questionable. While keeping potential security breaches secret puts the public at risk by not being able to protect themselves from the risk...making widespread announcements about such breaches to gain publicity, before giving the manufacturer a chance to address the problem is irresponsible and just creates hysteria. While I hesitate to mention these issues any further, I know that these are the types of issues that the trade magazines tend to pick up...confuse with incomplete and inaccurate facts...and leave your boss and auditing department breathing down your neck. The most recent security hole was exposed by a group in the Netherlands, where they demonstrated that a program running on one network work station could pretend to be another user currently signed onto the same file server. This task requires quite low level programming, and API information that is not generally published, where a program generates a network request that looks like it came from a different workstation on the network. Novell has acknowledged this "problem", and has released a patch for NetWare 3.11 (SECURE.ZIP in NOVLIB Library 1 on CompuServe), pointing out that this problem is not just a NetWare problem, but also exists with other network operating systems. The press releases from the Dutch Novell Users' Group and Novell are provided below FYI... A second "security hole" is merely an old one resurfacing, one that affects versions of NetWare prior to NetWad 3re particularly if intrudeectas turned off) there was a bug in the login validation routines, where it was possible for a program to repeatedly retry access to the file server and gain Supervisor access to the system. This second security hole does *NOT* exist in NetWare 2.2 or 3.11, and Novell released patches for other versions of NetWare to fix this problem. SEC286.ZIP and SEC386.ZIP are the filenames on CompuServe. Other stories come up from time to time detailing various security threats...but it should be stressed that these other methods require physical access to the file server. Physical security of the file server is a necessity in any truly secure environment. A protected RCONSOLE password is also recommended. =========== Dutch NetWare Users' Group Press Release ================= P R E S S R E L E A S E September 17th, 1992 SECURITY HOLE DISCOVERED IN NOVELL NETWARE During the LanVision event, organised by the Duch Novell User group (NGN) at Bunnik, in the Netherlands, a security problem was discovered in Novell's NetWare. With NetWare, Novell has a 70% market share of installed network operating systems. One of the members of the NGN demonstrated the ability to obtain the authorization level of any logged in user. In this fashion, any user can aquire the same rights of any other user, e.g. the supervisor, or a financial director. The program uses the ability to send a command to the file server such that the server "believes" that the command was issued from the other workstation. Once this is accomplished, the user is able to send commands which will function as if the privileged user had sent them. The NGN sent the program and source code to Novell developers. The NGN urged Novell to find a solution for this problem as soon as possible, due to the severity of the problem. NGN members are developing a program that detects unauthorized usage via this particular seceakness and warns the supervisor. To the best of NGN's knowledge, the prograich ke advantage of the problem is not freely available at the present time. The Dutch Novell User group recommendst i to melus with age of company confident ial information. Secondly, the NGN advisesthat uers should rfrain from using the supervisor account unless noone else is working on the network. NGN experts have reason to believe thatthe technique used, which is known as a physical attack on the wire, could be implemented on other network operating systems as well. --------- Editorial comments The Dutch Novell User group (NGN) organises the LanVision event every year. It isan opprtunity to attend a 'school' for supervisors where suppliers inform supervisors about the latest news and trends concerning the networking industry. The LanVision event was an enormous success, with over 1200 supervisors attending the meeting and nearly 300 lectures being held. The NGN, a professional user group for all network users, has the goal of improving the efficiency of the supervisor. The object of NGN is more than just a get-together of supervisors, rather the supervisor should be able to accelerate their knowledge and growth. NGN is a member of NetWare Users International (NUI), with more than 120,000 members worldwide. At more than 2000 active members, the NGN is one of the largest user groups in the world, and by far the most active user group in Europe. You may contact the NGN office during office hours at +31 3446 1323 (CET). =============== Novell Press Release from SECURE.ZIP File =============== MEDIA ALERT NOVELL ENHANCES NETWARE SECURITY Novell today announced that it has enhanced NetWare security by developing and making available software enhancements for its NetWare v3.x, NetWare v2.x and NetWare for Unix customers. These enhancements are designed to counteract a recently discovered security threat to network operating systems. The security threat, proven in a Netherlands academic laboratory, is not currently found in commercial environments and requires the hacker to forge requests on the wire in the name of a more privileged user. However, Novell considers any threat, even a potential threat, to network security to be serious and has worked quickly to develop and provide solutions for its customers. Because this security threat affects other network operating systems, it is an industry-wide problem. In addition to being the first to address this security threat for its customers, Novell is willing to work closely with other companies in the industry to ensure that in general networks are as secure as possible. Novell is also continuing its education efforts to ensure that customers have the most secure network environments available. Novell recommends that all customers who are concerned about security activate all applicable NetWare security features and install the most recent versions of system software, client software and patches. Novell will make the software enhancements available on NetWire and NetWare Express for NetWare v3.x and NetWare v2.x customers. The enhancements will also be given directly to NetWare for Unix partners so that they can make the solution available to their customers. ============ Novell Technical Bulletin from SECURE.ZIP ================ NOVELL TECHNICAL BULLETIN TITLE: Physical Security of a NetWare Server DOCUMENT ID#: TB.P.287 DATE: 12APR91 PRODUCT: NetWare PRODUCT VERSION: SUPERSEDES: NA SYMPTOM: NA ISSUE/PROBLEM It is necessary to reiterate the need to physically secure a NetWare server. Some NetWare administrators may not be aware of this security measure. Precautions, such as those implemented in the mainframe and minicomputer environment, should also be taken to physically protect the server from unauthorized use in a NetWare environment. If the server is not secured in a locked area, unauthorized users may be able to down the server and remove devices; destroy data and system configuration; and otherwise gain access to sensitive information. In addition to securing the server, NetWare provides a number of security features that help protect the server console and system from misuse. The following are functions that can be used to enhance server security on a NetWare operating system. ~ Issue the SECURE CONSOLE command from a NetWare v3.x console. By doing this, the system will only load NLMs from SYS:SYSTEM. ~ Select Lock File Server Console from the NetWare v3.x MONITOR.NLM main menu. This will password-protect the server console. ~ Protect RCONSOLE.NLM from a NetWare v3.x system with a password. ~ Use other security features of NetWare v2.x and v3.x such as intruder detection, forced password changes, limited grace logins, etc. ~ Use server hardware password protetion if available. These advanced features enhance system security, but do not remove the need to place the server in a secure location. NetWare security features combined with physical protection of the server affords the system administrator the highest server security possible in the NetWare environment. ================ End Novell Technical Bulletin ========================= ------------------------+------------------------------------------------- Brett Warthen | MHS: Brett @ Infinite (via NHUB/CSERVE) Infinite Technologies | CompuServe: >MHS:Brett@Infinite 11433 Cronridge Drive | Internet: Brett@Infinite.mhs.compuserve.com Suite H | FAX: +1-410-363-3779 Owings Mills, MD 21117 | Fone: +1-410-363-1097 ------------------------+------------------------------------------------- Damn, sure didn't import to well on the upload, but I think it is still readable. Anyone have any friends in the Netherlands? Wouldn't mind having a copy of that program or at least know what API calls they use that aren't documented. (The above file was received from P-80 Systems, -Ed.) ------------------------------------------------------------------------------- SECTION: [11] EDITOR'S COMMENTS Editor's Comments Thanks to the following for the help during this issue of CHAP. Thalian - Director, Main Editor, Supporter, Writer. VanGuard - Jr Directory, Writer, Distributer Scott Simpson - Contributions Phisto - Writer, PC Support, Distribution Since CHAP has been taken over we would like to introduce the new members of the team, they are... Thalian - Director, Main Editor, Support, Writer VanGuard - Editor, Writer, Distribution Manager Phisto - Writer, PC Support, Distribution TCA - Mad Writer If you would like your article included into the next issue of CHAP magazine contact Thalian on Unauthorised Access BBS where you will be notified as to where you should send the article. Articles only accepted on Amiga or IBM 720K (5 1/4" or 3 1/2" disks) format. Thanks to Thalian for all the effort he has put into getting CHAP magazine of the ground again. It is much appreciated mate. Thanks to all readers for the support and phone calls we have been receiving! \/anGuard [Ed.]