Date: Mon, 13 Dec 1999 22:18:37 -0500 (EST) From: Jaime Kikpole <jaime@malkav.snowmoon.com> To: cjclark@home.com Cc: Jeroen Ruigrok van der Werven <asmodai@bart.nl>, freebsd-questions@FreeBSD.ORG Subject: Re: Merging 2 servers? Message-ID: <Pine.BSF.4.10.9912132203210.56828-100000@malkav.snowmoon.com> In-Reply-To: <199912140055.TAA75121@cc942873-a.ewndsr1.nj.home.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Mon, 13 Dec 1999, Crist J. Clark wrote: > Before you even consider NIS or NFS, I think you need to think about > your security model. I would guess every student in the building does > not physically use these machines, but rather there is some LAN the > teachers and students connect too? With NIS/NFS, if one host on the > network is comprimised... Game over. Or if some bright pre-teen brings > in a laptop and plugs it in to the LAN, they gotcha. Want students to > be able to read each others' mail or *gasp* the teachers' mail and > files? (And do you really trust all of those teachers too? ;) NIS doesn't encrypt? Yick. Any way to tunnel it through ssh or something like that? > I agree that we need a little more info about your entire network > archtecture and your goals. But we'd love to show-off^H^H^H^H^H^H^H^H > help you with your problem. Sorry about that. Over 90% of the workstations are MacOS computers. Until recently, they were almost entirely MacOS 7.5.3 through 8.1. We just bought a large number of the newest iMac models, though, and those run MacOS 9.0. I'm using the netatlk-asun port for file serving purposes and MacAdmin as the security on the Macs in two buildings and I'm in the process of moving from At Ease to Mac Manager in the other two. (MacAdmin uses the file sharing from NetATalk as an authentication protocol. At Ease and Mac Manager aren't quite as good at integration, unfortunately.) Printers all handle themselves. They're all either serial printers or networked with built-in print servers. Students and staff can read their email through Apache+PHP served web-mail. They're allowed to reach their files via FTP and given a ~/public_html directory for their own intranet space. (We have wierd policies about posting things publicly.) They can also use the AppleShare over IP features in the netatlk-asun port. I'm looking into adding Samba (for the obvious reasons) to the server, too. I just haven't gotten arround to it because of a few sudden break-downs in our network. Most of the access to the server comes in the form of one of those file-sharing protocols (if you can count FTP as file sharing) or via Apache. Did I leave out anything that might help you figure out what I've gotten myself into? :) Thanks again for the advise. Its not always earth shattering, but it has been turning up little bits of important info along the way. Jaime To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.10.9912132203210.56828-100000>