home
***
CD-ROM
|
disk
|
FTP
|
other
***
search
/
Netware Super Library
/
Netware Super Library.iso
/
security
/
secure
/
secure.doc
< prev
next >
Wrap
Text File
|
1992-10-01
|
6KB
|
132 lines
README FOR SECUREFX.NLM and SECUREFX.VAP
The following files are included:
SECUREFX NLM 1960 09-25-92 1:54p
SECUREFX VAP 13360 09-29-92 10:16a
ALERT DOC 1699 09-25-92 6:58p
PATCHMAN NLM 9051 04-16-92 11:21a
PCHMN223 DOC 6110 05-07-92 4:33p
TBP287 DOC 2105 09-25-92 5:17p
SECURE DOC (this file)
Purpose:
SECUREFX.NLM and SECUREFX.VAP are designed as an enhancement to the existing
security features in the NetWare v3.11, v2.2 and 2.15c Operating Systems
respectively.
SECUREFX.NLM FOR NETWARE v3.11
-------------------------------
When a security violation is detected, the following notification messages
will be displayed at the file server console, at all attached workstations,
and written to the error log:
"Security breach against station <connection number> NEUTRALIZED."
In addition, the message
"Connection TERMINATED to prevent security compromise"
will be written to the error log and displayed at the server console.
By default, the connection whose security would have been breached will be
terminated when SECUREFX.NLM detects a security violation. If the user wishes
to be notified of an attempted security breach without terminating any user
connections, the command line parameter "-NK" should be used when loading
SECUREFX.NLM. When the -NK option is used, the following notification
message will be displayed at the server console, at all attached workstations,
and written to the error log:
"Security breach against station <connection number> DETECTED."
SECUREFX.NLM is intended for all number-of-user versions of the NetWare v3.11
Operating System. SECUREFX.NLM is a dynamic patch which is loaded at the
file server console as a NetWare Loadable Module. SECUREFX.NLM requires the
latest version of PATCHMAN.NLM (v2.23) in order to load.
Unlike previous patches, the SERVER.EXE file is never modified by this
patch. SECUREFX.NLM patches the Operating System in memory, not on
the disk. This means that SECUREFX.NLM must be loaded each time
before any "fixes" take effect. It is recommended that the command "LOAD
SECUREFX" be placed in the server's AUTOEXEC.NCF file to ensure that
the patch is always in effect when the server is initially brought up. In
the event that the -NK option is desired, the command "LOAD SECUREFX -NK"
should be placed in the AUTOEXEC.NCF. This "NK" must be in upper case.
Since it is an NLM, SECUREFX.NLM can be loaded and unloaded without
ever having to bring the server down. Once loaded, the Operating System
is patched and ready to go. Unloading SECUREFX will restore the
Operating System to its original "un-patched" state.
Like all NLM-type patches, SECUREFX.NLM requires the Patch Manager
(PATCHMAN.NLM) to be loaded before it can be loaded. If PATCHMAN
is not already loaded, SECUREFX will attempt to locate PATCHMAN and
load it automatically if found. PATCHMAN only needs to be loaded once.
All other patches can load once PATCHMAN is loaded. PATCHMAN
cannot be unloaded until all patches that rely on it are first unloaded.
Typing "Patches" at the system command line once PATCHMAN is loaded
will display all patches currently loaded on the filefile server.
To install SECUREFX.NLM, simply place the SECUREFX.NLM file in the
same directory as the other NLM files (SYS:SYSTEM or DOS partition), and
type "LOAD SECUREFX" (or "LOAD SECUREFX -NK"). Once the patch has loaded,
all changes are in effect until SECUREFX is unloaded. If an error message
appears, contact Novell Technical Support.
The changes made by this patch will be implemented in all future versions
NetWare. This patch and PATCHMAN.NLM (v2.23) will only operate
on NetWare v3.11. Future versions of NetWare will require a version of
PATCHMAN specific to that release.
SECUREFX.VAP FOR NETWARE v2.2 and v2.15c
----------------------------------------
SECUREFX.VAP is intended for all number-of-user versions of dedicated and
non-dedicated NetWare v2.2 and v2.15c Operating Systems.
SECUREFX.VAP functions in a similar manner as SECUREFX.NLM, however, with
SECUREFX.VAP, the notification message is only displayed at the file server
console, and is not broadcast to connected users or written to the error lo
To install SECUREFX.VAP, place the SECUREFX.VAP in the directory where the
other VAP files reside. Reboot the file server and select "y" (yes) when
prompted to load the VAPS. By default, SECUREFX.VAP will terminate the
connection whose security would have been breached. To use the -NK option
defined above, input the following command at the server console:
:SECUREFX -NK
Use of the -NK option only detects a security breach and displays the
notification message at the server console.
In order to reverse the effects of the -NK option, input the following
command at the server console:
:SECUREFX -YK
******************************* NOTE ****************************************
For more information on this issue and general security issues refer to
ALERT.DOC and TBP287.DOC included with this zip file.
*****************************************************************************
*****************************************************************************
DISCLAIMER
Novell, Inc. makes no representations or warranties with respect to any
NetWare software, and specifically disclaims any express or implied
warranties of merchantability, title, or fitness for a particular purpose.
Distribution of any NetWare software is forbidden without the express
written consent of Novell, Inc. Further, Novell reserves the right to
discontinue distribution of any NetWare software.
Novell is not responsible for lost profits or revenue, loss of use of the
software, loss of data, costs of re-creating lost data, the cost of any
substitute equipment or program, or claims by any party other than you.
Novell strongly recommends a backup be made before any software is
installed. Technical support for this software may be provided at the
discretion of Novell.
***************************************************************************