Home Home > 2010 > 04 > 20
Sign up | Login

Archive for April 20th, 2010

Novell Client on openSUSE 11.2

April 20th, 2010 by

This has been covered on a couple of forums out there, but I’ve yet to find a decent comprehensive post. This is for 32bit systems, it’s easily modified for 64bit setups.

First off, search your favorite RPM repo for binutils-2.19-9.3. I like to use http://rpm.pbone.net, but at the time of writing, they happen to be down.

Get a copy of the Novell Client ISO from http://download.novell.com and mount it:

sudo mount -o loop novell-client-2.0-sp2-sle11-i586.iso /mnt

Extract the files from the RPM:

rpm2cpio binutils-2.19-9.3.i586.rpm | cpio -idv

This should create a “usr” directory in your present working directory. Go ahead and copy it’s contents to your filesystem:

sudo cp -R usr/* /usr/

Change directories to wherever you mounted your ISO (in this case “/mnt”) and run the installer:

cd /mnt && sudo ./ncl_install

As the packages attempt to install, you’ll be given options and warnings concerning libbfd and several other packages. Choose option “2” for everything (“Break dependencies”). Don’t worry about actually breaking anything, just roll with option 2.

Lastly, issue ldconfig as root and reboot:

sudo /sbin/ldconfig
sudo /sbin/reboot

That should get you up and running. You can run “ncl_tray” directly from the command line, or create a shortcut to the client. If you’re having connection issues, make sure that openSLP is configured.

The only issues I’ve had so far is the inability to browse trees, which turned out to be a DNS problem on my end. Occasionally I get warnings on login about novfs kernel modules not being properly loaded, but this appears to be benign.

Check your WPA2 Enterprise setup

April 20th, 2010 by

Do you have to enter user name and password to establish a link with
your wireless network? If so chances are good that WPA2 Enterprise
with EAP-TTLS or PEAP are used. Sounds familiar? Better check your
setup then. An attacker might easily impersonate your access point
and steal your password if the client you are using isn’t configured
properly.
You are likely vulnerable if you’ve disabled certificate checks
or you’ve checked some button to use a public CA but didn’t specify
any “Subject” or “Common Name” that has to match. NetworkManager for
example doesn’t even allow to enter the latter.
Read more in the paper I’ve written.