Security Basics mailing list archives
Re: Secure NFS
From: "Barry Irwin" <bvi () itouchlabs com>
Date: Thu, 27 Feb 2003 09:28:39 +0200
another option would be to run NFS over a transport layer encryption like IPSEC. IPSEC is becomming more ame more widly supported and so shouldnt really be a problem. The only concern tho is that any kind of encryption will add additional load onto the systems. This can be mitigated by careful selection of the type of encryption, as well as additional hardware if neccessary. I prefer this solution as it builds on existing tech rather than adding in bits and pieces to Daemons, which could raise compatability issues. Barry -- Barry Irwin bvi () itouchlabs com Tel: +27214875178 Systems Administrator: Networks And Security iTouch TAS http://www.itouchlabs.com Mobile: +27824457210 ----- Original Message ----- From: "Peet Grobler" <peetgr () absa co za> To: <slaanesh () netcourrier com>; <security-basics () securityfocus com> Sent: Friday, February 21, 2003 7:09 AM Subject: RE: Secure NFS I've been wondering about this for a while now... Everybody knows NFS is insecure. Right. So no-one uses it. Why not simply modify NFS to use encryption? Why not? Not tunneling, modify the source to either (a) establish ssl connections, or (b) manually encrypt all traffic (I would prefer this one).
Current thread:
- Secure NFS slaanesh (Feb 20)
- RE: Secure NFS Peet Grobler (Feb 22)
- Re: Secure NFS Gene Yoo (Feb 24)
- Re: Secure NFS Barry Irwin (Feb 27)
- Re: Secure NFS Michael Osten (Feb 28)
- Re: Secure NFS Bear Giles (Feb 28)
- RE: Secure NFS Peet Grobler (Feb 22)