Here is a secure ypserv implementation.

If you enable the tcp wrappers security lookups in the Makefile, then the
server `ypserv' will use your /etc/hosts.allow and /etc/hosts.deny files
(which most people already have). You must have the library libwrap.a and
log_tcp.h from the tcp_wrappers source distribution. I used version 6.3 of
the wrappers.

Read the tcp_wrappers manpages on how to enable/disable hosts from querying
your server.

One note of warning. Always use IP numbers instead of hostnames, because
otherwise gethostbyname() will then call the server `ypserv', and the server
is_host_valid() function will call gethostbyname() which will then call the
server `ypserv' ad infinitum.... The tcp_wrappers let you easily specify
a domain in number notation for all hostnames contained in the last octet.
So for example in a class C network 192.16.192.0, to allow all local hosts
to query your server, but deny everyone else you can specify the following
lines:

In /etc/hosts.allow

	ypserv: 192.16.192.

and the /etc/hosts.deny file

	ypserv: ALL

Good luck
Mitch