[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: shadow over NIS - answer



On Wed, 14 Apr 1999, guy keren wrote:

> > # Host                     : Map              : Security   : Passwd_mangle
> > *                          : *                : port       : yes
> >
> > in ypserv.conf solves this problem. It mangles the passwords for
> > unauthorized users based on the accessing port number.
> 
> and why do you think this solves the problem? one can always connect an
> extra machine to your network, or run sniffers, etc, etc, etc.

It solves the one problem I was referring to. 
The problems you mention are taken care of by different means in the
network I'm talking about. I was alarmed to discover that, whilst having
paid a lot of attention to various security aspects, such a security
breach was left open (because of stupid out-of-the-box misconfiguration as
it turned out...)

Tuvik

--------------------------------------------
               Tuvik Beker
      P.O. Box 571, Givatayim 53104
Tel. (972) 3 5714436    Fax. (972) 3 5334349
          tuvik@picard.tau.ac.il
--------------------------------------------