Home page logo

bugtraq logo Bugtraq mailing list archives

Re: Replacement for NIS? (was Re: Obtaining NIS domainname from
From: afx () ibm de (Andreas Siegert)
Date: Mon, 17 Apr 1995 19:18:46 +0200 (CEST)

One's own domainname, nothing.  But someone else knowing your
domainname gives that someone a significant edge when it comes to
breaking in to your machines.

Given the more recent versions of ypserv I don't see any major security 
problems left with YP.  i.e the patches which Sun (at least, and maybe HP if 
you believe their docs) produced which tells a ypserv and portmapper which 
machines they should talk to.

Back before these patches one could extract yp maps from a random domain using 
ypxfer, or hand written code but this no longer works with the newer code.

If there are other security hole left please enlighten me.

Any user on the legal hosts still can get encrypted passwords.
No password aging and password quality control mechanism in heterogenious
The host based access control in ypserv can be easily circumvented by adding
your own system to the local LAN and spoofing an address.

The changes sure protect against attacks from remote sites, but local security
is still very low.


Andreas Siegert       afx () ibm de / afx () barolo ak munich ibm com / AFX at IPNET
Every time we've moved ahead in IBM, it was because someone was willing to take
a chance, put his head on the block, and try something new - Thomas Watson, Jr.

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]