The following is a brief compendium of what we at Auburn Univeristy College of Engineering use to secure our NIS networks. We had a mix of about 65% NIS, 35% NIS+ network before dropping NIS+ due to reliability problems and setting all machines to use NIS. The following is our implementation of securing NIS using various vendor patches and free utilities from around the world.
NIS has a reputation of being extremely insecure. If you implement these steps it will lose most if not all of the reasons for this, and you will retain all the administrative advantages of NIS without the security risks. We use NIS on SunOS4 and on Solaris 2.X machines and are a predominantly Sun shop. All other machines may have slightly different results and implementations. Hopefully others will find this useful, though. Here's a list of reasons why you should follow these steps.
[ Read more ]
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.