1. Home
  2. Linux systems
  3. Ppractical unix & internet security

A.15 Chapter 14: Network-Based Authentication Systems

  • Don't use your Internet domain name as your NIS domain.

  • Use NIS+ instead of NIS, if possible. Don't run NIS+ in compatibility mode.

  • Use netgroups to restrict access to services, including login.

  • Make sure that your version of ypbind listens only on privileged ports.

  • Make sure that there is an asterisk (*) in the password field of any line beginning with a plus sign (+) in both the passwd and group files of any NIS client.

  • Make sure that there is no line beginning with a plus sign (+) in the passwd or group files on any NIS server.

  • If you are using Kerberos, understand its limitations. Protect the Kerberos controller at all costs.

  • If you are using LDAP for authentication, secure connections with TLS/SSL.



    		Preface
    		Part I: Computer Security Basics
    		Part II: Security Building Blocks
    		Part III: Network and Internet Security
    		Part IV: Secure Operations
    		Part V: Handling Security Incidents
    		Part VI: Appendixes
    		Appendix A. Unix Security Checklist
    		A.1 Preface
    		A.2 Chapter 1: Introduction: Some Fundamental Questions
    		A.3 Chapter 2: Unix History and Lineage
    		A.4 Chapter 3: Policies and Guidelines
    		A.5 Chapter 4: Users, Passwords, and Authentication
    		A.6 Chapter 5: Users, Groups, and the Superuser
    		A.7 Chapter 6: Filesystems and Security
    		A.8 Chapter 7: Cryptography Basics
    		A.9 Chapter 8: Physical Security for Servers
    		A.10 Chapter 9: Personnel Security
    		A.11 Chapter 10: Modems and Dialup Security
    		A.12 Chapter 11: TCP/IP Networks
    		A.13 Chapter 12: Securing TCP and UDP Services
    		A.14 Chapter 13: Sun RPC
    		A.15 Chapter 14: Network-Based Authentication Systems
    		A.16 Chapter 15: Network Filesystems
    		A.17 Chapter 16: Secure Programming Techniques
    		A.18 Chapter 17: Keeping Up to Date
    		A.19 Chapter 18: Backups
    		A.20 Chapter 19: Defending Accounts
    		A.21 Chapter 20: Integrity Management
    		A.22 Chapter 21: Auditing, Logging, and Forensics
    		A.23 Chapter 22: Discovering a Break-In
    		A.24 Chapter 23: Protecting Against Programmed Threats
    		A.25 Chapter 24: Denial of Service Attacks and Solutions
    		A.26 Chapter 25: Computer Crime
    		A.27 Chapter 26: Who Do You Trust?
    		A.28 Appendix A: Unix Security Checklist
    		A.29 Appendix B: Unix Processes
    		A.30 Appendixes C, D, and E: Paper Sources, Electronic Sources, and Organizations
    		Appendix B. Unix Processes
    		Appendix C. Paper Sources
    		Appendix D. Electronic Resources
    		Appendix E. Organizations
    		Colophon