Penetration Testing mailing list archives

Re: [PEN-TEST] NIS. An Alternative.

From: Ryan Permeh <Ryan () EEYE COM>
Date: Tue, 22 Aug 2000 08:50:41 -0700

kerberos offers a similar set of services, NTLM authentication(using PAM
plugs, etc on the unix side), also offers a similar set of possibilities.
There are many SSI technologies out there, many with technologies like LDAP
at their core(the win2k model comes to mind).  As for "more secure", i don't
know.  i'd think that NIS gets hammered on as much if not more than any of
these other technologies.(not that i'm advocating NIS over any of the
others).  If you want to add another level of access control, consider
adding a hadware compnent, like RSA's cardkey solution, or any of a variety
of "smartcard" technologies.

Signed,
Ryan
eEye Digital Security Team
http://www.eEye.com
----- Original Message -----
From: "Jason Spencer" <jsmithspencer () HHH CO UK>
To: <PEN-TEST () SECURITYFOCUS COM>
Sent: Monday, August 21, 2000 6:01 AM
Subject: NIS. An Alternative.

Due to the security implications created through using NIS (Network
Information Services) could anyone recommend any alternatives ?

Thanks

Current thread:

[PEN-TEST] NIS. An Alternative. Jason Spencer (Aug 21)
- Re: [PEN-TEST] NIS. An Alternative. Max Vision (Aug 22)
  - Re: [PEN-TEST] NIS. An Alternative. Iván Arce (Aug 22)
- Re: [PEN-TEST] NIS. An Alternative. Adam Prato (Aug 22)
- Re: [PEN-TEST] NIS. An Alternative. Jose Nazario (Aug 22)
- Re: [PEN-TEST] NIS. An Alternative. Massimo Fubini (Aug 22)
- Re: [PEN-TEST] NIS. An Alternative. Ryan Permeh (Aug 22)
- Re: [PEN-TEST] NIS. An Alternative. Domenico De Vitto (Aug 24)
  - Re: [PEN-TEST] NIS. An Alternative. Peter Van Epp (Aug 24)