[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [seul-edu] WebVC special yppasswd



Hi Daniel,

I am interested in your set-up.  I have two basic
choices.  I am hoping you can advise me a little on the
use and security of NIS.  


Internet -- Firewall -- Internal 
                |
                |
               DMZ
      (Web & Email Servers)

My question is I have heard that NIS is not very
secure.  I also know that we are on somebody's hit
list.  We were recently broken into and we have at least
monthly attacks -- usually just before things like
parents weekend and other very public events.  So I am
hesitant to create security holes to add convience.

It occured to me to that if I use NIS I would have to
put it in the DMZ -- so that all my servers (internal
and public could see it).  However it makes me nervous
that this server could be seen.  I was thinking that I
could have the mail server be the only one that was
different and then have all other accounts be internal.

What would you lean toward?  How much information does a
NIS server hold about the other servers?  How much am I
opening the network if I use NIS?  Have you set up NIS? 
I will need to do this for my student network  -- I need
to this up to allow other Linux computers to log-in as
workstations.

Any advise would be greatly appreciated from your
experience.

Thanks.

Bill

--------------------------------------
If you find this message objectionable 
or of questionable authenticity please 
contact <support@tasis.ch>.