I wrote: >What's wrong with knowing one's NIS domainname? Two things: 1) I realized why after I sent this. 2) I've already been told why by about a dozen people! :-) THANKS everyone! >I keep hearing people say this about NIS. However, when one is >running a lot of systems (including PC-NFS clients) it is fantastically >easy to administrate (especially when one is not a full-time sysadmin). How about this for a solution: Have a firewall block the ports NIS is using and make sure the router is programmed not to allow NIS packets through an outside line. Would this work or am I still asking for trouble? Then the questions come, what ports do I block? On one setup, I already block the ports for sunrpc. Is that enough? scott barman scott@disclosure.com / barman@ix.netcom.com