[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: NIS secure mode

To: misc_(_at_)_openbsd_(_dot_)_org
Subject: Re: NIS secure mode
From: "David S." <davids_(_at_)_idiom_(_dot_)_com>
Date: Mon, 29 Dec 2003 12:28:38 -0800

> the network problems of NIS remains. 
> 
> - map are still transfered in plain text
> - easy spoofable 
> 
> > Does the use of secure mode under NIS make it really secure for an OpenBSD
> > only network ?

If you do indeed have an OpenBSD-only network, IPSEC can help with both
the problems sited above.  Though the last I checked, 'isakmpd' couldn't
do ESP and AH together.  So depending on how you configure IPSEC, you
may get encrypted transfers or authenticated connections, but not both.

David S.

References:
- NIS secure mode
  - From: Antoine Jacoutot

Prev by Date: Host Name?
Next by Date: obsd3.2 and ibm aptiva
Previous by thread: NIS secure mode
Next by thread: Re: NIS secure mode
Index(es):
- Date
- Thread

Visit your host, monkey.org