[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: shadow over NIS - answer
On Wed, 14 Apr 1999, guy keren wrote:
> > # Host : Map : Security : Passwd_mangle
> > * : * : port : yes
> >
> > in ypserv.conf solves this problem. It mangles the passwords for
> > unauthorized users based on the accessing port number.
>
> and why do you think this solves the problem? one can always connect an
> extra machine to your network, or run sniffers, etc, etc, etc.
It solves the one problem I was referring to.
The problems you mention are taken care of by different means in the
network I'm talking about. I was alarmed to discover that, whilst having
paid a lot of attention to various security aspects, such a security
breach was left open (because of stupid out-of-the-box misconfiguration as
it turned out...)
Tuvik
--------------------------------------------
Tuvik Beker
P.O. Box 571, Givatayim 53104
Tel. (972) 3 5714436 Fax. (972) 3 5334349
tuvik@picard.tau.ac.il
--------------------------------------------