[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: NIS(Client && Server) + Security

Citando Jamie Heilman <jamie@transient.net>:

 > I have 3 machines, A, B and C.  Machine A is my gateway,B my NIS,
 > mail and SMB server and machine C is my WorkStation.  My doubt is if
 > is secure to have a NIS client on machine A or simple re-direct my
 > connections to machine B?
 
 Unless there's something you've not told us there's no reason to have
 A provide your NIS service, so why even consider it?  If you did put
 NIS on machine A, for whatever reason, you would need to ensure hosts
 external to your local network couldn't access the NIS service, which
 could be done using the usual packet filtering techniques.  In general
 NIS should never be exposed to untrusted access because its far too
 vulnerable to attack.  I say this assuming A, B, C are all on a single
 local network, if machine B is external to the network machine C is
 on, well then, its a different story, and perhaps NIS isn't the best
 tool for the job.  (IMO, NIS is almost never the best tool in
 homogenous linux environments.)
 
 -- 
 Jamie Heilman                   http://audible.transient.net/~jamie/
 "Most people wouldn't know music if it came up and bit them on the ass."
                                                         -Frank Zappa
 

One last thing: What links do you sugest to read about this matter (NIS) and
what better tools exist for this kind of job?
Thanks for everything.

Ricardo Sousa


______________________________________________
O email preferido dos portugueses agora também
é o Acesso Gratuito à Internet que dá prémios!
Saiba mais: http://concurso.portugalmail.pt
Reply to: