On Thu, 26 Sep 2002, nate wrote: > D. J. Bolderman said: > > Hi Guys,
> > Now, when I start NIS, I see that ypbind tries to bind to eth0, but I > > want it to bind to eth1. > I believe all RPC services bind to 0.0.0.0 (all interfaces), and there > is no way to change this, from what I've read it would require a ton of > code to be changed. I have also read that just because a service is > listening on one interface instead of both, does not mean that service > is not accessable from the other interface. That is, even if you COULD > bind NIS to eth1, an attacker could still in theory(maybe in practice > though it's a bit beyond my knowledge at this point), connect to the > service through the eth0 interface. Again from what I've read this rule > does not apply to services bound to the loopback(lo) interface. But you > still won't be able to bind RPC services(such as NIS) to a specific > interface without major code changes. > Things may of changed since but I don't think they have. A good firewall > is your best bet. > I believe this situation is shared on other UNIX systems as well, I haven't > encountered a UNIX system that had a way to do this(though I haven't > actively looked into it either). well, after changing my nisdomainname to something else than my normal domainname, restarting the server, and make some slight changes in the config files, i got rid of those messages. NIS seems to be running fine now. Ofcourse, i'm not sure what the problem was, but i will take a look at the config files again to make sure I know what i'm doing...:) Thanks for explaining a bit more in-depth details ! -- D.J. Bolderman [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
