NIS security

2007-12-25 11:33:00

Fellow managers:

This is a delayed summary, since I was expecting a few more responses
but not much on this one.

The bottom line for me is that there are security holes in NIS and, depending
on how paranoid one is, one should select accordingly between NIS and
NIS+. I still feel that NIS+ is overkill for small environments, but
unfortunately we live in a dangerous world.

I am grateful to the following three managers for their thoughtful responses:

        Birger Wathne Birger.Wathne@getronics.no
        Ken robsonk@ebrd.com
        Jochen Bern bern@penthesilea.uni-trier.de

ANSWERS:

From bern@penthesilea.uni-trier.de Wed Nov 10 07:36:26 1999

        With NIS you get the encrypted passwords in a publicly readable NIS
        map, so you lose the security you got with /etc/shadow, where the
        passwords were not readable by ordinary users. With NIS any user can
        ypcat passwd and save the output to a file. And then run crack....
        Besides, if you don't have a properly set up firewall, then anyone on
        the net who can guess your NIS domain name can connect to your NIS
        servers and fetch the maps...

        With NIS+ it depends on the authentication level. If it runs at the
        lowest level (or NIS compatibility mode) security is no better than
        with NIS. In a pure NIS+ environment you have access bits on each
        table, row, column and cell. So the encrypted passwd field in the passwd
        map will only be readable to admin users and the user who owns the
        password. Ordinary users will not see other users' encrypted
        passwords. The NIS+ servers also require that the client machines
        authenticate themselves before they can do NIS+ lookups.

From robsonk@ebrd.com Thu Nov 11 02:29:13 1999

        The key point you are missing here is not the existence of shadow or
        otherwise; it is that NIS does all transfers in plain text over the wire.
        Now on your average host the fact that UNIX uses relatively weak
        password encryption algorithms is compensated for by /etc/shadow: only
        root can read this field and hence the encrypted passwords. With NIS
        you can type ypcat passwd and you get the whole thing. Now unless NIS
        is rebuilt with some kind of encryption, it does not matter if
        you put the passwords in shadow or not, because I could just type ypcat
        shadow and I got them. So to make this secure you need to encrypt the
        NIS exchanges; well, guess what NIS+ is, plus some sensible performance
        enhancements, as NIS does not scale well.

From: Jochen Bern <bern@penthesilea.uni-trier.de>

> - When running NIS (not NIS+) password info is transferred between master-slave
> but the transfers move around scrambled passwords (shadow passwords) correct?

        Yes.

> - What vulnerabilities exactly is NIS open to? By reading the docs NIS+
> is more secure, but to what type of attacks?

        Off the top of my head: Cracking passwords (no one ever proved the
        encryption to be a strong one ...); Leeching information from
        offsite ("fixed" by /var/yp/securenets in NIS, *if* you remember
        to maintain it); Server imposters (the Texas Agriculture
        something-or-other U, aka TAMU, had an incident where someone pirated a fast
        machine and used it to reply to NIS "ypmatch someuserid passwd"
        style requests *before* the actual NIS server, with a reply that
        made the clients think it's a valid UID-0 account; since the request
        type of a "ypcat passwd" is different, there was no trace of this to
        be seen unless you *knew* the bogus userid, or found bogus processes/
        logins red-handed; fighting this incident resulted, among other
        things, in the packetman software).

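The point made by Birger and Ken above, that `ypcat passwd` hands any user the password hashes, is easy to turn into a routine check. This is an added example, not code from the thread or from any NIS implementation: a POSIX shell audit that flags map entries carrying a real hash (or an empty password field), run here over a constructed sample instead of a live `ypcat passwd`.

```shell
#!/bin/sh
# Added example, not from the thread: audit a NIS passwd map dump for entries
# that still expose a password hash. On a real server you would pipe in
# `ypcat passwd`; here a constructed sample stands in so it runs offline.

# Constructed sample of what `ypcat passwd` might return (not real accounts).
SAMPLE_MAP='root:x:0:0:root:/root:/bin/sh
alice:$1$saltsalt$aaaaaaaaaaaaaaaaaaaaaa:1001:100:Alice:/home/alice:/bin/sh
bob:AbCdEfGhIjKlM:1002:100:Bob:/home/bob:/bin/sh
daemon:*:2:2:daemon:/sbin:/sbin/nologin
svc:NP:3:3:service:/var/svc:/bin/false
guest::1003:100:Guest:/home/guest:/bin/sh'

# Read passwd-map lines on stdin; print "user:hash" for every entry whose
# second field is a real hash (anything other than the usual placeholders
# x, *, !, NP) and "user:empty" for a blank field, which means no password.
# Either one is what anybody on the network gets for free with ypcat.
exposed_hashes() {
    awk -F: '
        NF < 7 { next }                                  # malformed line
        $2 == "" { print $1 ":empty"; next }
        $2 ~ /^[x*!]+$/ || $2 == "NP" { next }           # placeholder/locked
        { print $1 ":hash" }
    '
}

# Convenience: just the number of exposed entries, for a cron/monitoring check.
count_exposed() {
    exposed_hashes | wc -l | tr -d ' '
}

# Demo run over the constructed sample (live use: ypcat passwd | exposed_hashes)
printf '%s\n' "$SAMPLE_MAP" | exposed_hashes
```

A non-zero count means the map is still publishing crackable material and the passwd source behind NIS needs the hashes moved out (or NIS+ with proper authentication, as the replies suggest).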

ORIGINAL POSTING:

     Dear Managers,

     I have been looking in the archives and docs for NIS vs NIS+
     comparisons but didn't find one addressing the following specific
     questions.

     - When running NIS (not NIS+) password info is transferred between
     master-slave but the transfers move around scrambled passwords (shadow
     passwords) correct?

     - What vulnerabilities exactly is NIS open to? By reading the docs
     NIS+ is more secure, but to what type of attacks?


--------------------------------------------------
George Dimitoglou
SM&A, Space Sciences Division
SOHO ESA/NASA Project Scientist Team
Laboratory of Astronomy & Solar Physics
NASA Goddard Space Flight Center
Bldg. 26, G-1, Code 682.3
Greenbelt, MD 20771
george@esa.nascom.nasa.gov
