https://community.hpe.com/t5/operating-system-hp-ux/how-do-i-secure-the-ypbind-daemon/m-p/2686909#M589822 putting a couple of NIS servers in the file<BR />/var/yp/secureservers has stopped the<BR />sunos 3x error message . But it now fails<BR />NIS client with the message <BR />FAILURE code 1 after the ypbind daemon tries to start up in file /sbin/rc.d/S420nis.client<BR /><BR />I have tried adding NIS clients to the <BR />/var/yp/securenets file but I get NIS master FAILURE codes as well.<BR /><BR />Hope this makes sense and help me further.<BR /><BR />Is the format of the secureservers file<BR /><BR />Subnet_mask IP_ADDRESS e.g.<BR />255.255.252.0 137.229.234.20<BR />255.255.252.0 137.229.237.21<BR /><BR />Mick Wed, 20 Mar 2002 16:30:37 GMT Mick Goddard_1 2002-03-20T16:30:37Z https://community.hpe.com/t5/operating-system-hp-ux/how-do-i-secure-the-ypbind-daemon/m-p/2686906#M589819 A Intrusion report lists that ypbind is running over a non-reserved port. And it needs to be moved to a reserved ports to pass Intrusion tests. <BR /><BR />It is a HP700 10.20. I have tried setting YPBIND_OPTIONS = "-s" in /etc/rc.config.d/namesvrs file on NIS Master<BR />and Client. Both machines report error message<BR />on startup of NIS<BR /><BR />"Secure mode sunos 3.x servers rejected"<BR /><BR />Can anyone help me configue this properly.<BR /><BR />Regards<BR /><BR />Mick<BR /><BR /> Wed, 20 Mar 2002 10:57:15 GMT https://community.hpe.com/t5/operating-system-hp-ux/how-do-i-secure-the-ypbind-daemon/m-p/2686906#M589819 Mick Goddard_1 2002-03-20T10:57:15Z https://community.hpe.com/t5/operating-system-hp-ux/how-do-i-secure-the-ypbind-daemon/m-p/2686907#M589820 Mick,<BR /><BR />From the man pages of ypbind:<BR /><BR />The "-s" option:<BR /><BR />"-s" Secure. When specified, only NIS servers bound to a reserved port are used. This allows for a slight increase in security in completely controlled environments, where there are no computers operated by untrusted individuals. It offers no real increase in security.<BR /><BR /><BR />Get the security patch checker and see if there are any patches that may apply:<BR /><BR /><A href="http://www.software.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=B6834AA" target="_blank">http://www.software.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=B6834AA</A><BR /><BR />live free or die<BR />harry Wed, 20 Mar 2002 13:05:23 GMT https://community.hpe.com/t5/operating-system-hp-ux/how-do-i-secure-the-ypbind-daemon/m-p/2686907#M589820 harry d brown jr 2002-03-20T13:05:23Z https://community.hpe.com/t5/operating-system-hp-ux/how-do-i-secure-the-ypbind-daemon/m-p/2686908#M589821 Hi,<BR /><BR />check the file "/var/yp/secureservers" <BR /><BR />See also,<BR />man ypserv <BR /><BR />-Vijay Wed, 20 Mar 2002 13:24:02 GMT https://community.hpe.com/t5/operating-system-hp-ux/how-do-i-secure-the-ypbind-daemon/m-p/2686908#M589821 K.Vijayaragavan. 2002-03-20T13:24:02Z https://community.hpe.com/t5/operating-system-hp-ux/how-do-i-secure-the-ypbind-daemon/m-p/2686909#M589822 putting a couple of NIS servers in the file<BR />/var/yp/secureservers has stopped the<BR />sunos 3x error message . But it now fails<BR />NIS client with the message <BR />FAILURE code 1 after the ypbind daemon tries to start up in file /sbin/rc.d/S420nis.client<BR /><BR />I have tried adding NIS clients to the <BR />/var/yp/securenets file but I get NIS master FAILURE codes as well.<BR /><BR />Hope this makes sense and help me further.<BR /><BR />Is the format of the secureservers file<BR /><BR />Subnet_mask IP_ADDRESS e.g.<BR />255.255.252.0 137.229.234.20<BR />255.255.252.0 137.229.237.21<BR /><BR />Mick Wed, 20 Mar 2002 16:30:37 GMT https://community.hpe.com/t5/operating-system-hp-ux/how-do-i-secure-the-ypbind-daemon/m-p/2686909#M589822 Mick Goddard_1 2002-03-20T16:30:37Z