Bugtraq mailing list archives
Re: NFS exporting
From: perry () snark imsi com (Perry E. Metzger)
Date: Wed, 13 Apr 1994 13:39:33 -0400
Scott D. Yelich says:
I'd like to start a thread on the security issues surrounding using NFS and NFS exporting. First a little background: I'm starting up my own public access internet site and I am concerned about security issues relating to NFS. Here's an introductory question: How much does secure nfs (rpc) gain for you?
Secure rpc buys you only a little bit -- it requires a bit of skill to break it, but it will doubtless be easy to break when someone posts a cracking script to the net sometime. As for NFS in general, its useless. As soon as you export an NFS partition to the net (at least if you export it writable), you can kiss your machine goodbye. Among other nasty tricks, even without the mountd giving you any informaiton on the host you can just flood the machine with unlink requests or guess inode generation numbers or other such things. NFS is a hunk of junk. Perry
Current thread:
- NFS exporting Scott D. Yelich (Apr 13)
- Re: NFS exporting Perry E. Metzger (Apr 13)
- Re: NFS exporting Mike Evans (Apr 13)
- Re: NFS exporting Aggelos D. Keromitis (Apr 13)
- Re: NFS exporting Perry E. Metzger (Apr 13)
- Re: NFS exporting Michael Neuman (Apr 13)
- Re: NFS exporting Perry E. Metzger (Apr 14)
- Re: NFS exporting Paul Graham (Apr 14)
- Re: NFS exporting Perry E. Metzger (Apr 15)
- Re: NFS exporting Perry E. Metzger (Apr 13)
- <Possible follow-ups>
- Re: NFS exporting smb () research att com (Apr 13)
- Re: NFS exporting Carl Corey (Apr 13)
- Re: NFS exporting Perry E. Metzger (Apr 14)