On Fri, 5 Apr 2002, Guido Fraietta @ Envisat wrote: > Dear all, > > I am now using the CheckPoint Firewall Software VPN-1 & FireWall-1 > Version 4.1 and I have to enable RPC (Remote Procedure Call) services > among two machine through the firewall, because I use NIS services. I
Passing authentication mechanisms through a firewall is generally a bad thing. You're much better off keeping external machines in their own authentication realm and not having users share credentials between an external and internal trust zones. NIS and NIS+ are particularly "bad" protocols to let through a firewall (in general and also due to their reliance on RPC- let's not ignore the long history of RPC-based worms and the dangers of letting internal and external machines talk RPC.) You might want to read: http://lists.gnac.net/pipermail/firewalls/2001-December/086870.html http://lists.gnac.net/pipermail/firewalls/2001-December/086807.html Paul ----------------------------------------------------------------------------- Paul D. Robertson "My statements in this message are personal opinions [EMAIL PROTECTED] which may have no basis whatsoever in fact." _______________________________________________ Firewalls mailing list [EMAIL PROTECTED] http://lists.gnac.net/mailman/listinfo/firewalls
