MCSE Boot Camp Notes :

Networking Guide
Chapter 7, Configuring the Network Information Service (NIS)
Security limitations on configuration

Security limitations on configuration

To preserve the integrity of trusted databases, NIS may not modify certain sensitive files within a C2 Secure system. Although SCO NIS operates on a system with any of the security defaults (High, Improved, Traditional, and Low), the password and group databases are updated by NIS only in the security defaults that use /etc/passwd and /etc/group as the master databases. This condition is true if Traditional or Low security (Unsecure Mode) is chosen at installation time. If High or Improved security (Secure Mode) is chosen, the Trusted Computing Base (TCB) manages /etc/passwd and /etc/group and does not allow NIS to update these files.

Only copy-only NIS servers and clients can be initialized in Secure Mode settings on SCO systems. These servers may receive maps, but they cannot propagate them. In addition, if a copy-only server in Secure Mode receives a password or group map, it cannot translate these maps into /etc/passwd or /etc/group ASCII files.

Clients that include NIS maps in their /etc/passwd or /etc/group files circumvent TCB and are not C2 Secure.

Table 7-1, ``Security configurations for SCO NIS servers and clients'', lists the security configurations permitted for each type of SCO NIS server and client. 

Table 7-1 Security configurations for SCO NIS servers and clients

 -------------------------------------------------------------------
 SCO NIS server
 or client type   Permitted security settings
 -------------------------------------------------------------------
 master or        Unsecure Mode only (Traditional or Low)
 slave
 copy-only or     Secure Mode (High or Improved) or
 client           Unsecure Mode (Traditional or Low)
These security precautions help prevent unauthorized NIS password and group information from reaching SCO hosts. However, the same security precautions may not be available for client implementations running on systems other than SCO. Consult your documentation for NIS client implementations if you are concerned with security.

See also:

Networking guide
Call : 800-519- 2267
MCSE CCNA Certification boot camp
Testimonials
 Join MCSE Boot Camp & CCNA Boot Camp Back to Back Certification Today.
 MCSE Boot Camp links  MCSE Boot Camp 270  MCSE Boot Camp  290  MCSE Boot Camp  291  MCSE Boot Camp 293  MCSE Boot Camp  294  MCSE Boot Camp 298  MCSE Boot Camp 299  MCSE Boot Camp Security  MCSE Boot Camp 640-801  MCSE Boot Camp routing MCSE Boot Camp 811  MCSE Boot Camp 821  MCSE Boot Camp 831  MCSE Boot Camp Resources MCSE Boot Camp MCSE + CCNA  MCSE Boot Camp Training  MCSE Boot Camp Card pay  MCSE Boot Camp Papal  MCSE Boot Camp MCSE Notes  MCSE Boot Camp CCNA Notes    MCSE Boot Camp index MCSE Boot Camp main  MCSE Boot Camp root MCSE Boot Camp link  MCSE Boot Camp resources MCSE Boot Camp home    Ref1 Ref2
Microsoft MCSE Boot Camp
MCSE Boot Camp, MCSE Certification boot camp, MCSE Training boot camps, MCSE certification  boot camp training at California and Maryland USA. Also CCNA, CCNP, CISSP, Red Hat Linux Certification notes.

 Vibrant boot camp offers MCSE, CCNA, CCNP Certification back to back

Vibrant offers MCSE certification training boot camp for $5400 all inclusive, instructor led at California and Baltimore.

Vibrant Bootcamp Participants come from All Around the World. Vibrant has trained students from more than 15 countries like USA, UK, (Scotland, Ireland, Wales), Switzerland, Germany, Australia, Canada, France, Holland, Japan, Belgium, Bahrain, New Zealand, Tanzania, Turkey, Kenya and more.

Preboot Sequence, Process Accounting, Publishing Resources, Publishing Software Packages, Redeploying Software, Refreshing Group Policy at Established Intervals, Remote Assistance, Remote Desktop for Administration, Removing a Service Pack or Hotfix, Removing or Disabling Software, Requesting Assistance, Reroute Requests with Redirects, Resolving Conflicts Between Group Policy Settings, Restoring Active Directory Directory Services, Restoring Files and Folders, Roaming User Profiles, Security, Setting Up and Managing Published Printers, Setting Up and Managing Published Shared Folders, Setting Up Auditing, Shared Folder Permissions, Slipstreaming Service Packs and Hotfixes, Software Deployment, Software Installation and Maintenance Technology, Software Update Services, Support_388945a0 account credentials instead of the users credentials to perform specific administrative, System Requirements, TABLE OF CONTENTS : Installing and Deploying Windows Server 2003, Taking Ownership, Terminal Server Role, Terminal Services Components, Terminal Services,  The Boot.ini File, The Deny Permission, The File Signature Verification Utility, The Logman Utility, MCSE Boot Camp Training get MCSE join MCSE Bootcamp, The Recovery Console, The relog Utility, MCSE Boot Camp Training get MCSE join MCSE Bootcamp, The Remote Desktop Connection Utility, The Remote Desktops Snap-In, The Session Manager, The Shutdown Event Tracker, The System Monitor, The typeperf Utility, The Windows Server 2003 Boot Process, Troubleshooting NTFS Permission Problems, Troubleshooting Terminal Services, Unattended Installation, Upgrading Software, Using a Saved File to Request Assistance, Using an Audit Policy, Using an Unattended Answer File, Using Configure Your Server Wizard and Add or Remove Programs to Install IIS, Using Driver Signing, Using E-Mail to Request Assistance, Using Event Viewer to View Security Logs, Using Event Viewer, Using Group Policy, Using Remote Installation Services, Using Scripting to Manage Website Content, Using Task Manager to Monitor Performance, Using the Recovery Console, Using the System Preparation Tool, Using User Profiles, Using Windows Messenger to Request Assistance, Viewing Security Logs, Virtual Directories, Volume Mounting, Web-Based Administration, Windows Server 2003 Licensing, Windows Server 2003 network, Windows Update Catalog, Windows Update