Path: utzoo!utgpu!news-server.csri.toronto.edu!rpi!crdgw1!uakari.primate.wisc.edu!caen!sol.ctr.columbia.edu!emory!wuarchive!udel!rochester!uhura.cc.rochester.edu!ub!dsinc!unix.cis.pitt.edu!mjl
From: mjl@unix.cis.pitt.edu (Michael J Lewinter)
Newsgroups: comp.sys.novell
Subject: Re: Encrypted Passwords
Message-ID: <109354@unix.cis.pitt.edu>
Date: 29 Mar 91 13:01:13 GMT
References: <108250@unix.cis.pitt.edu>
Organization: University of Pittsburgh
Lines: 29

Thanks for all of the responses that I got to my query.  I would like
to share the two types of responses.

1) Novell has supported encrypted passwords since 2.1 . (While this may
   be true with regards to how they are stored in the bindry, the 
   'packet' containing the the password that the user types in is 
   "clear text format".  "A sniffer can pull in a login packet that uses
    the clear text format, and an intruder can read the user's login
    password." [Taken from page 166 of the NetWare Concepts manual which
    I assume is a part of the documentation of 3.x.])

2) Two responses informed me that since V 3.0 of netware, encrypted password
   packets are supported.  This corresponds with the page of manual that
   I quoted from above.

I would have sent this directly to the people who supplied me with info as 
well, but being sloppy, I purge their messages.

Enjoy,

Michael J. LeWinter
 


 

-- 
All email, no cute messages to mankind :       mjl@vms.cis.pitt.edu
                                               mjl@pittvms.bitnet