Centralized logins with NIS Eric Stolten Tim Meade Mark Sidnam.

Presentation transcript:


NIS
● Purpose of NIS
  – This enables centralized user logins across networks.
  – The centralized database allows users to log in and change passwords in one location and have the changes reflected across all involved systems.

NIS
● Background Information
  – NIS was originally developed by Sun Microsystems under the name Yellow Pages. However, we are not allowed to use that trademarked name.

NIS vs. NIS+
● NIS+ was supposed to be a more secure replacement for NIS, providing security and easy implementation over large area networks.
● It is important to note that NIS+ is not the same project as NIS. It is a newer version released by Sun Microsystems.

NIS vs. NIS+
● NIS+ increases security by using additional authentication methods.
● We chose to use NIS over NIS+ because of the small network size and stability.

NIS Server Configuration
● Necessary configuration.
  – #/etc/sysconfig/network
    NISDOMAIN="lab2.research.cs.uofs.edu"
  – #/etc/yp.conf -- This is the ypbind conf file
    ypserver

NIS Server Configuration
● Necessary running daemons
  – portmap – An RPC daemon.
  – yppasswdd – Allows NIS clients to change their passwords.
  – ypserv – The main NIS server.
  – ypbind – The main NIS client.
  – ypxfrd – Speeds up password database transfers.

Check for running Daemons
● It is helpful to check that our processes are running with rpcinfo -p localhost.
  – Output should produce something like
      tmp]# rpcinfo -p localhost
      program vers proto port
      tcp 111 portmapper
      udp 111 portmapper
      udp 681 yppasswdd
      udp 698 ypserv
      udp 698 ypserv
      tcp 701 ypserv
      tcp 701 ypserv

Initializing the NIS Domain
● To build our database, we must run the command /usr/lib/yp/ypinit -m
● This verifies the NIS domain name and generates password databases according to the entries in /etc/passwd
● We must rebuild the databases each time a user is added to the system.

Adding More Users
● After the initialization you need to run:
  – useradd
● Then run
  – passwd
● You can verify this by typing
  – ypmatch
● It will display the user name with an encrypted password.

Configuration of the Client
● The authconfig program configures the NIS files after prompting for the IP and domain of the NIS server
● Once finished it will create the file
  – /etc/yp.conf
● It also adds the NIS domain to the file:
  – /etc/sysconfig/network
● This line: +:*::::: had to be added to the /etc/passwd file to direct it to the server.

Running the Client
● Daemons that need to run on the client side
  – ypbind
  – portmapper
  – yppasswdd
● To ensure that the services start at the next reboot you need to run:
  – chkconfig on

Problems
● An incorrect configuration in /var/yp/securenets originally prevented us from connecting from any computer other than lab2.

Problems
● Packages were missing
  – Ran the Red Hat package manager and added the packages
● The firewall was running by default, which prevented connections to the server from some clients.
  – Disabled the firewall
  – Applications/system settings/security settings

Security Issues
● Restricting the server to static IP addresses removes some fear of hackers
● Hacks/cracks included:
  – running ypcat and cracking the passwd file
  – obtaining the passwd map with ypx
● guesses domain name to look like a box on the network
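Both the securenets problem above and the exposure of the passwd map to ypcat come down to which client addresses ypserv will answer. The shell functions below are an added example, not part of the original slides: they evaluate rules in the securenets format ("host <ip>" or "<netmask> <network>") against a client address and list rules that admit every address. The rule sets and the 192.0.2.x / 203.0.113.x addresses are constructed, and the match test (client and network agree on the masked bits) is this example's reading of the rule format.

```shell
#!/bin/sh
# Added example: evaluate securenets-style rules against a client address.
# Rule syntax: "host <ip>" or "<netmask> <network>"; '#' starts a comment.

ip2int() {                       # dotted quad -> 32-bit integer
    old_ifs=$IFS; IFS=.
    set -- $1                    # split the address on dots
    IFS=$old_ifs
    echo $(( ($1 << 24) | ($2 << 16) | ($3 << 8) | $4 ))
}

# Print the first rule in rule text $1 that admits client $2; return 1 if none.
securenets_match() {
    client=$(ip2int "$2")
    while read -r a b rest; do
        case $a in ''|'#'*) continue ;; esac
        [ -n "$b" ] || continue              # skip incomplete rules
        if [ "$a" = host ]; then mask=255.255.255.255; else mask=$a; fi
        m=$(ip2int "$mask"); n=$(ip2int "$b")
        # A rule matches when client and network agree on the masked bits.
        if [ $(( client & m )) -eq $(( n & m )) ]; then
            echo "$a $b"; return 0
        fi
    done <<EOF
$1
EOF
    return 1
}

# List "line: rule" for rules whose netmask 0.0.0.0 admits every address.
securenets_open_rules() {
    printf '%s\n' "$1" | awk 'NF == 2 && $1 == "0.0.0.0" { print NR ": " $0 }'
}

# Constructed rule sets (documentation addresses, not from the slides).
RULES_NARROW='# loopback plus the server itself: every other client is refused
255.0.0.0 127.0.0.0
host 192.0.2.10'
RULES_LAB='255.0.0.0 127.0.0.0
255.255.255.0 192.0.2.0'
RULES_OPEN='0.0.0.0 0.0.0.0'

for ip in 192.0.2.10 192.0.2.25 203.0.113.5; do
    for set_name in NARROW LAB OPEN; do
        eval "rules=\$RULES_$set_name"
        if rule=$(securenets_match "$rules" "$ip"); then verdict="allowed by '$rule'"
        else verdict="refused"; fi
        echo "$set_name $ip: $verdict"
    done
done
```

The NARROW set reproduces the symptom of only the server being able to connect, LAB admits the lab subnet only, and OPEN answers any address, including one outside the lab.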
