Sean,

Your uses have access to the NAB via Notes.  Unless of course you make 
them store all their coworkers email addresses in their local address 
books and do not allow lookups in the NAB.  Thus they can read the NAB and 
then detach the ID file, eh?

Rob Berendt
-- 
Group Dekko Services, LLC
Dept 01.073
PO Box 2000
Dock 108
6928N 400E
Kendallville, IN 46755
http://www.dekko.com





seanmurphy@xxxxxxxxxxx 
Sent by: domino400-bounces+rob=dekko.com@xxxxxxxxxxxx
03/30/2005 02:33 PM
Please respond to
Lotus Domino on the iSeries / AS400 <domino400@xxxxxxxxxxxx>


To
domino400@xxxxxxxxxxxx
cc

Subject
Re: Domino ID Files Best Practices










C +API tool to hack a notes id? LOL.....  That tool does a dictionary
attack.

Nothing special about that. The only thing is special is they bypassed the
time-out.

http://lostpassword.com/lotus-notes.htm

What security does the user ID have to the system? Say an Admin ID?

I would be interested in seeing how you can get the NAB off of the server
if you do not have access to the server.
The owner of all of objects is QNOTES. Kind of hard to get the file to 
pull
the id out of it. I also am using encrypted NABs
on my mail servers as well so even if you got the NAB you could not open 
it
with another notes client.

The NAB on my servers is not accessible from the web,  default and
anonymous is NO ACCESS. We don't store IDs there anyway.
We store them elsewhere and of course on the PCs with the notes client,
such as my admin id on the PC I am using to
compose this email. So if you hacked my Windows Laptop then stole my id,
would it not be Windows Security that is the issue?
The only way to get and ID  is via a Microsoft Windows Hack to steal the 
ID
off of a PC. Then run this PASSWARE tool
to hack the id password.

The answer would be not to use Windows and notes IDs? That would not be
practical.

Don't keep IDs on computers anywhere? That would not be practical.

No networked computers works as well ala "Battle Star Gallactica"????  We
all know we can do anything without networking..............

lf you are concerned about notes id security then the  answer is to not
have the notes IDs stored anywhere, and use a smartcard or biometric id
instead of a standard notes id. If your NAB is secured properly it is much
safer than on a Windows File Server or on a Windows PC...........

Here are some products that add that extra layer of ID security. Notes
supports smart cards and Bio-Metic ID systems.

ActivCard Gold 2.2 product
Gemplus 3.1 product
Gemplus 2.0 product
Rainbow iKey 2032 product
Schlumberger Cyberflex 4 product

Sean
------------------------------------------------------
CONFIDENTIALITY NOTICE: This e-mail, and any attachments thereto, is
intended only for use by the addressee(s) named herein and may contain
confidential information.  If you are not the intended recipient of this
e-mail, you are hereby notified that any dissemination, distribution or
copying of this e-mail, and any attachments thereto, is strictly
prohibited.  If you have received this e-mail in error, please permanently
delete the original and any copy of any e-mail and any printout thereof.
Thank you for your compliance.

_______________________________________________
This is the Lotus Domino on the iSeries / AS400 (Domino400) mailing list
To post a message email: Domino400@xxxxxxxxxxxx
To subscribe, unsubscribe, or change list options,
visit: http://lists.midrange.com/mailman/listinfo/domino400
or email: Domino400-request@xxxxxxxxxxxx
Before posting, please take a moment to review the archives
at http://archive.midrange.com/domino400.



As an Amazon Associate we earn from qualifying purchases.

This thread ...

Replies:

Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2022 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.