From owner-freebsd-security Wed Nov 3 12: 3:44 1999 Delivered-To: freebsd-security@freebsd.org Received: from ares.maths.adelaide.edu.au (ares.maths.adelaide.edu.au [129.127.246.5]) by hub.freebsd.org (Postfix) with ESMTP id 3AE6214F85 for ; Wed, 3 Nov 1999 12:03:31 -0800 (PST) (envelope-from glewis@ares.maths.adelaide.edu.au) Received: (from glewis@localhost) by ares.maths.adelaide.edu.au (8.9.3/8.9.3) id GAA31975 for freebsd-security@freebsd.org; Thu, 4 Nov 1999 06:32:12 +1030 (CST) (envelope-from glewis) From: Greg Lewis Message-Id: <199911032002.GAA31975@ares.maths.adelaide.edu.au> Subject: Re: Security and NIS - alternatives? In-Reply-To: <3.0.3.32.19991103083132.01b5fa50@207.227.119.2> from "Jeffrey J. Mountin" at "Nov 3, 1999 08:31:32 am" To: freebsd-security@freebsd.org Date: Thu, 4 Nov 1999 06:32:12 +1030 (CST) X-Mailer: ELM [version 2.4ME+ PL56 (25)] MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org > Or run a separate network for passing NIS information and block NIS queries > on the "primary" network visible to the world. Could do the same for other > services as well. Unfortunately the network setup I have to work with won't allow that. I'd certainly do it if I could. > And there is the ever popular do-not-allow-shell-accounts method, but your > mention of workstations limits either of these solutions. Yep, all the staff will have shell accounts. > Have you considered SKIP? No, but I'll certainly go and have a look into it. Thanks! -- Greg Lewis glewis@trc.adelaide.edu.au Computing Officer +61 8 8303 5083 Teletraffic Research Centre To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message