Re: Hardening NIS+

From: Neil Dickey (neil@geol.niu.edu)
Date: 08/09/02


Date: Fri, 9 Aug 2002 15:05:37 -0500 (CDT)
From: Neil Dickey <neil@geol.niu.edu>
To: jim.small@eds.com, focus-sun@securityfocus.com


"Small, Jim" <jim.small@eds.com> wrote asking:

>Has anyone seen any articles/papers on hardening/locking down NIS+?

Someone will doubtless correct me if I'm wrong, but it's my understanding
that NIS+ is very secure "as is." The only exception arises if it is run
in YP-compatible mode. There are vulnerabilities associated with that,
but we don't do it and I don't recall what they are.

Best regards,

Neil Dickey, Ph.D.
Research Associate/Sysop
Geology Department
Northern Illinois University
DeKalb, Illinois
60115