Like any other network operating system currently deployed in the business world today Novell Netware must be secured properly to maintain the confidentiality integrity and availability of the networks and users that the OS maintains. However cretin things must be taken into account when dealing with Novell Netware, first and foremost it is a combination of Linux and windows design principles, so there for we must take a windows and Linux approach when securing the OS from potential harm. Secondly although it is not widely used today it is still vulnerable to attack.
As with most network operating procedures there are two types of Netware administration, the first being on console work and the second being remote management of the server, with Novell’s heavy integration with Apache 2 and Console1 Novell Netware makes a ideal operating system choice for the administrator that travels. Administrators can make partitions and volumes and even execute remote console commands from there web browser. However with this level of integration also comes a point of vulnerability, Apache 2 has numerous vulnerabilities associated with it, and there for your administration website can be compromised
One other major remote administration tool that can be used is the Novell Netware Console1 and Novell Netware Administrator (commonly referred to as NWADMIN) however as with imanager both these applications can be used by any user that is authenticated to the server. For security reasons it is recommended that the administrators remove access to these two programs either by Group or Registry policy, or by removing access to the server shares that the programs reside on. The bellow screenshots illustrate how a limited user can access console 1 and NWADMIN without a administrator password
Additionally all users that authenticate to the server will automatically have two volumes mapped to network drives on there windows desktops, the SYS volume and its sub folder PUBLIC. With default access rights the users can remove critical system files such as imanager.nlm (the executable file that triggers Imanager and lets administrators perform tasks on the server), the default shares may be also used to transfer documents anonymously over the server.
In order to counteract the inherent security problems with Novell Netware the administrator should accomplish the following tasks:
Physical Security of the Novell console cannot be taken lightly and with
All the remote management software that Novell has bundled with the newest editions of Netware (5.1, 6 and 6.5) it is becoming increasingly easy for administrators to spend very little time actually working on the console. Therefore the option of placing the server in a high security area with minimized access is available and should be taken advantage of
