NetWare 5.1 is the one still in use on some networks. The following is an example of how to enumerate a system with NetWare 5.1. The later versions of NetWare may have a different set of vulnerabilities. More and more new such vulnerabilities are discovered on a daily basis, so there is a need for the security professional to be vigilant at all times by checking with vendor websites as well as other websites that give info on these security vulnerabilities. For the working of NetWare enumeration, it is good to consider an example of the use of a previous version of NetWare to scan a server with NetWare 5.1.
When a vulnerability is detected in the Lightweight Directory Access Protocol configuration of the NetWare server, it is shown with the port number such port 389 which is the Novell eDirectory, Apple Open Directory as well as Microsoft Active Directory access protocol. The tool also shows that the LDAPMiner can be used to exploit such vulnerabilities.
When detecting another such vulnerability (443), Nessus shows things like the name of the Organization object as well as the Common Name (CN) object. Some of the most potent vulnerabilities discovered by Nessus are the usernames and passwords of user accounts which could be used by an attacker to access the server.
Same as in windows, NetWare has its own tools for the collection of info regarding resources and the like. After downloading the thing, run its Setup for installation. Upon restarting the computer, a login prompt will be shown. A vulnerability in the NetWare OS allows one to click the Contexts, Servers, and Trees buttons without having to put in any username or password to see network info.