6.2 Known Security Threats

The following section provides a list of known security threats for the Novell Client for Linux, an indication of how difficult it would be to exploit the threat, and what the consequences would be for a customer.

Table 6-2 Known Security Threats

Description

Consequence

Likelihood

Difficulty

Repetitive password cracking attempts

Intruder detection lockout

Low

Hard

“Stale” passwords

Password expiration, grace login enforcement

High

Hard

Attempted access out-of-hours or from unauthorized locations

Date/Time and Location restrictions at login

Medium

Easy

Port scanners

Unsuccessful pass of Nessus scans; possible port hijacking

Medium

Possible

Man-in-the-middle attacks

NCP request sequencing, packet signing

Low

Hard

Wire frame examination and manipulation

Same protections as with other Novell products utilizing NCP and RSA-based authentication

Low

Hard

Memory scanning for sensitive data

All buffers containing sensitive data (passwords) are short-term in nature and are zeroed and/or freed immediately after use.

Low

Hard