Re: Hardening NIS+

From: Neil Dickey (neil@geol.niu.edu)
Date: 08/09/02


Date: Fri, 9 Aug 2002 15:05:37 -0500 (CDT)
From: Neil Dickey <neil@geol.niu.edu>
To: jim.small@eds.com, focus-sun@securityfocus.com


"Small, Jim" <jim.small@eds.com> wrote asking:

>Has anyone seen any articles/papers on hardening/locking down NIS+?

Someone will doubtless correct me if I'm wrong, but it's my understanding
that NIS+ is very secure "as is." The only exception arises if it is run
in YP-compatible mode. There are vulnerabilities associated with that,
but we don't do it and I don't recall what they are.

Best regards,

Neil Dickey, Ph.D.
Research Associate/Sysop
Geology Department
Northern Illinois University
DeKalb, Illinois
60115



Relevant Pages

  • Re: The Obama Bounce: Obama 51% -- McCain 36%...
    ... The problem is that your understanding is NOT correct. ... I'm not making an exception of myself. ... contributed is my business and I see no reason to have to share it with you ... I don't know who, if anyone, you sent your money to and if you chose not to ...
    (soc.retirement)
  • Re: overcome NIS
    ... That does not make NIS SECURE. ... he says he can not fine any security holes. ... The question was not 100% security, it was that NIS has NO SECURITY HOLES. ...
    (comp.os.linux.security)
  • Re: overcome NIS
    ... That does not make NIS SECURE. ... Learn about security and who the treats are. ... Now cut a hole in a piece of paper and then tell me how 'security is implied in the word 'hole' having done that cut a hole in the hole. ...
    (comp.os.linux.security)
  • Re: overcome NIS
    ... That does not make NIS SECURE. ... Learn about security and who the treats are. ... deal of the hacking comes from INSIDE the firewall. ...
    (comp.os.linux.security)
  • Re: CryptAcquireContext using MS_ENHANCED_PROV
    ... it is throwing an exception. ... obviously your system is much les secure. ... to be backward compatible with older and less secure systems, ... always use the more secure enhanced provider. ...
    (microsoft.public.platformsdk.security)