Re: Script for find domino's users

From: Simon Delicata (sdelicata@planer.co.uk)
Date: 01/31/02 

To: gmaggiot@ciudad.com.ar
From: "Simon Delicata" <sdelicata@planer.co.uk>
Date: Thu, 31 Jan 2002 20:03:10 +0000

This isn't a proof of concept, but more a probe for misconfigured database
ACL's.

If a Domino web server doesn't have a redirection URL for /mail/* mail
files, then you rely on the access control for each mail file.

Two things can be done to avoid this :

1 - Change the ACL on sensitive databases ( /mail/* , names.nsf ) to :
      Anonymous - No access
      [Default] - No access

2 - Within the Server Document for each server, ensure that "Allow HTTP
clients to browse databases:" is set to "No"

I believe that all versions of Domino server from 4.5 upwards are
suceptible to badly configured ACL's. Any good administrator would have a
hold of this already.

#!/usr/local/bin/php -q
<?

<snip>

</snip>

fclose ($fd);

?>

Relevant Pages

  • Re: Installing FTP without IIS on Win2k3 & Domino Web Server
    ... > I have Windows 2003 Standard server with Domino Web server ... > runnin on it using HTTP on port 80. ...
    (microsoft.public.win2000.advanced_server)
  • Re: How to connect to a MSSQL 2000 OLAP Server
    ... between Domino Web Server and the OLAP server. ... > Well I installed my first OLAP Server ever just yesterday, ... > SQL Server, that is from my Domino Web Server, through Lotus Connectors ... > I mean, I learnt about MDX, but can I run MDX queries (and get resultsets, ...
    (microsoft.public.sqlserver.olap)
  • Re: Installing FTP without IIS on Win2k3 & Domino Web Server
    ... Yes, after installing IIS, you can stop the WWW service but still run the ... > I have Windows 2003 Standard server with Domino Web server ... > FTP server on the same box as well but in order to install ...
    (microsoft.public.win2000.networking)