Xref: utzoo comp.sys.novell:1388 bit.listserv.novell:10352 Path: utzoo!utgpu!news-server.csri.toronto.edu!cs.utexas.edu!uwm.edu!csd4.csd.uwm.edu!jeffd From: jeffd@csd4.csd.uwm.edu (Jeffrey Alan Ding) Newsgroups: comp.sys.novell,bit.listserv.novell Subject: Re: Restoring SUPERVISOR password - Summary/How-To Summary: Not as easy as it seems! Keywords: recover password security Message-ID: <11745@uwm.edu> Date: 3 May 91 23:27:29 GMT References: <1991May2.232728.25767@milton.u.washington.edu> Sender: news@uwm.edu Followup-To: comp.sys.novell Organization: University of Wisconsin - Milwaukee Lines: 61 In article <1991May2.232728.25767@milton.u.washington.edu> dittrich@milton.u.washington.edu (Dave Dittrich) writes: > >It is suprisingly simple to take care of the problem of a lost SUPERVISOR >password. The fix involves exploitation of the behavior of NetWare v2.x >regarding the bindery files (NET$BIND.SYS and NET$BVAL.SYS, which are hidden >system files in the SYS:SYSTEM directory), and the use of sector editor (such >as Norton's Utilities) and the NetWare utilities SHOWFILE and BINDREST. > >The steps are amazingly simple and painless to perform, which brings up a >very important (and blatantly obvious) issue for those who have their servers >in locations accessible to general users: > The task of restoring a supervisor's password is not as simple as outlined here. No mention of the type and technology of hard drive was given. If you have a non MFM hard drive such as a SCSI, ESDI, or are using a DCB for your fileserver, the likelyhood of being able to use ANY disk editor is very slim. DOS on it's own doesn't like drives other than MFM unless your controller card is designed to work with DOS. Suppose you have an MFM drive in your server. When you boot DOS, the drive will be recognized but you can't access it because there is no DOS partition. As the original poster says you will be able to edit it with any ordinary disk editor that reads non-DOS partitions. Now suppose you have a Novell DCB in your server and you boot DOS. Will DOS recognize your hard drive? I just tried it with one of my servers and it didn't work. DOS didn't even know it existed. A DCB is not a normal disk controller. As far as I know, it doesn't work with DOS unless you have a special driver to access it. That is why Novell made the DISKED program. When you NETGEN your Novell software, it links DISKED to the driver for your particular hard drive, whether it be MFM, SCSI, ESDI, or a DCB. ESDI works under DOS because it's got firmware on the board to initialize the drive when DOS goes looking. I'm not sure if SCSI does. I've got SCSI drives and controllers from Storage Dimensions. They use specialized interface cards and drivers specifically designed to work with Novell. DOS won't understand that you have a hard drive with these devices. So what does this all mean? It means that if you use non DOS compatible hardware, ie DCB's and specialized SCSI devices, you will not be able to change the binderies unless you have DISKED linked with the correct drivers. SO KEEP THOSE DISKS LOCKED UP! and you'll slow those netware thieves down considerably. jeffd@csd4.csd.uwm.edu >!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! >Anyone who can boot your server to DOS and operate the computer through the >keyboard can get control of the SUPERVISOR account, and thus the system! >!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! > >Pre-requisites for the procedure are a DOS boot disk and Norton's Utilities >(or similar sector editor capable of absolute sector read/write to use on >the non-DOS NetWare drive partition--NU is very nice for this task!). > >o Run NU and read the first 100 sectors of the NetWare boot disk > (usually C:) in absolute mode. > >Dave Dittrich >dittrich@u.washington.edu ...!uw-beaver!u.washington.edu!dittrich