Optimizing the NetWare Client Software

Improving Security

When to Use NCP Packet Signature

NCP packet signature is not required for every installation. Some network supervisors might choose not to use it because they can tolerate certain security risks.

Tolerable Security Risks The following are examples of network situations that might not need NCP packet signature:

Only executable programs reside on the server

All client workstation users on the network are known and trusted by the network supervisor

Data on the NetWare server is not sensitive; access, loss, or corruption of this data would not affect operations

Serious Security Risks NCP packet signature is recommended for security risks such as these:

Unauthorized client workstation users on the network

Easy physical access to the network cabling system

An unattended, publicly accessible client workstation within your network

NCP Packet Signature Options

Several signature options are available, ranging from never signing NCP packets to always signing NCP packets. NetWare servers and network client workstations both have four signature levels, which are explained in the following table.

Table 1-1

NCP Packet Signature Levels

 

 

 

 

 

Level Number

Explanation

0Doesn’t sign packets.

1Signs packets only if the server requests it (NetWare server NCP option is 2 or higher).

2Signs packets if the server is capable of signing (NetWare server NCP option is 1 or higher).

3Signs packets and requires the server to sign packets (or logging in will fail).

1-9

Page 27
Image 27
HP UX Internet and Networking Software manual When to Use NCP Packet Signature, NCP Packet Signature Options