Xref: utzoo comp.os.os2.misc:448 comp.os.os2.apps:54 Path: utzoo!censor!geac!torsqnt!hybrid!scifi!bywater!arnor!news From: yozzo@ibm.com Newsgroups: comp.os.os2.misc,comp.os.os2.apps Subject: RE: TCP/IP & NFS Client for OS/2 systems; what's out there? Message-ID: <1990Dec5.153030.28086@arnor.uucp> Date: 5 Dec 90 15:30:30 GMT Sender: news@arnor.uucp (NNTP News Poster) Organization: IBM T.J. Watson Research Center Lines: 42 > > We're looking for an OS/2 TCP/IP implementation and NFS client with > authentication. > > Please don't mention the IBM version 1.1 TCP services; these allow people to > EASILY spoof any UID on the network! That is, you set your UID and GID > through environment variables rather than provide any authentication! When > I saw this I nearly freaked out..... > > Needless to say, this is rather insane! So much for the security we have > managed to build over the past several months. > > Does anyone have a TCP/IP suite for OS/2? If so, please forward the info. > Ads and pay-ware are just fine.... > > Email or post please! > > -- > Karl Denninger AC Nielsen > kdenning@ksun.naitc.com > (708) 317-3285 > Disclaimer: Contents represent opinions of the author; I do not speak for > AC Nielsen on Usenet. The real trouble lies in the AUTH_UNIX authenication scheme. For better security, use the AUTH_DES authenication scheme. Currently, IBM OS/2 TCP/IP does not support the AUTH_DES security scheme. ------------------------------------------------------------------------------ | Ralph E. Yozzo | DISCLAIMER: The opinions expressed | | IBM Thomas J. Watson Research Ctr. | herein are the Authors. | | Arpanet: yozzo@ibm.com | And are not necessarily those of his | | | employer or this station. | | Bitnet: yozzo@yktvmx.bitnet \---------------------------------------| | Home: ..!uunet!bywater!acheron!larouch!yozzo | Phone: (914) 945-3634 work | | | Phone: (914) 564-4731 home | ------------------------------------------------------------------------------