Home page logo

bugtraq logo Bugtraq mailing list archives

Re: Obtaining NIS domainname from Gatorbox
From: tfs () vampire science gmu edu (Tim Scanlon)
Date: Thu, 13 Apr 95 20:21:33 -0400

der Mouse wrote:

Maybe a good reason to join the crowd and not run NIS?

I wish.  It's clear to me that NIS is a big problem.  But what else is
out there?  We have a definite need to share passwd databases across
many machines, from multiple vendors, none of which we have source code
to.  How close to a solution can we get?

There's also NeXT Inc's Netinfo. It's been ported to all sorts of other
platforms by a company called xedoc.com (I think it's xedoc.com.au, as
they're down under.) I would reccomend taking a serious look at it
as an alternate. It has more security to it than standard NIS hands
down. And it's a hell of alot easier to administer than either NIS or
NIS+, and is far, far more flexible.

I've worked extensivly with both, and allthough I will readily admit
I prefer the NeXT GUI and other aspects of it over SunOS, I'm still
objective enough to realize that there are areas an applications where
on OS is going to be better than another for certain things. (Like
if I'm going to do graphics, I'd prefer an SGI over most anything else
out there) Basicly what I'm trying to say is while I belive I'm being
very, very objective about my opinions on it, don't take my word
for it, check it out on your own in depth.

By no means is it "NIS" but it performs all the same functions, plus
alot more. I think there may be aspects of NIS+ that might be a bit
better, like encrypted transfer of password maps, but I havn't had
the same level of experience with NIS+ so I don't want to get into
comparison there.

I would reccomend it completly as being worthy of serious consideration
as an alternate to NIS, especially in a multivendor enviornment that
would preclude running NIS+ at all or easily. The Xedoc product supports
a wide variety of vendors systems too. So that's a big plus.

One of the best things I can say for it is, I've never heard of anyone
using, making, or otherwise grabbing a password map from netinfo from
a totaly alien machine... If anyone's heard of this being done, I'd
love to hear how & under what circumstances. I'm not saying it's not
possible, but I've seen netinfo frustrate more than one hacker, even
when they got on a machine using it via other means.


tfs () vampire science gmu edu (NeXTmail, MIME)  Tim Scanlon
George Mason University     (PGP key avail.)  Public Affairs
I speak for myself, but often claim demonic posession

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]