Netware IPX Admin Session Spoof Vulnerability

Quoted verbatim from the NMRC advisory:

Use Packet Signature Level 3 everywhere, and make sure clients cannot touch their own signature settings. LAN Admins should never access a server unless using Level 3, and the security on the workstation should be restrictive enough to prevent unauthorized adjustments (i.e. use a locked-down NT client with no server services running, behind a locked door, although this simply places your trust in Microsoft). Use switched Ethernet.


Privacy Statement
Copyright 2010, SecurityFocus