Bugtraq mailing list archives
Re: RPC protocol problem?
From: mouse () Collatz McRCIM McGill EDU (der Mouse)
Date: Wed, 24 Aug 1994 08:59:07 -0400
Yes, if you export to yourself and your nfs isnt set up securely, then you can call the portmapper command to do the mount call. Thus , it appears the mount command came from localhost. That gets the filehandle to the intruder and bingo for him. To take corrective measures, dont export to yourself and/or turn on priviledge port checking within nfs.
Or do what at least one site I know of does - don't pass NFS packets through the border. The site in question is connected to the net through a box that silently drops NFS packets...so you can (probably) get their file handles this way, but can't do diddly with them once you have them. der Mouse mouse () collatz mcrcim mcgill edu
Current thread:
- Re: RPC protocol problem?, (continued)
- Re: RPC protocol problem? Steinar Haug (Aug 23)
- Re: RPC protocol problem? Leif Hedstrom (Aug 23)
- Re: RPC protocol problem? Gene Spafford (Aug 23)
- Re: RPC protocol problem? Doug Davis (Aug 23)
- Re: RPC protocol problem? Pat Myrto (Aug 24)
- Re: RPC protocol problem? jsz (Aug 24)
- Re: RPC protocol problem? Doug Davis (Aug 23)
- Re: RPC protocol problem? [patch for SGI systems] Steve Kotsopoulos (Aug 23)
- Re: RPC protocol problem? [patch for Sun/Solaris systems] Luc Saccavini (Aug 24)
- Re: RPC protocol problem? Christopher Klaus (Aug 23)
- Re: RPC protocol problem? James W. Abendschan (Aug 23)
- Re: RPC protocol problem? der Mouse (Aug 24)
- Re: RPC protocol problem? prince of insufficient light (Aug 24)
- Re: RPC protocol problem? Eric Conrad (Aug 24)
- Re: RPC protocol problem? jsz (Aug 24)
- Re: RPC protocol problem? Rafi Sadowsky (Aug 24)
- Re: RPC protocol problem? Eric Conrad (Aug 25)
- Re: RPC protocol problem? Casper Dik (Aug 29)
- Re: RPC protocol problem? Casper Dik (Aug 29)
- Re: RPC protocol problem? jsz (Aug 24)
- Re: RPC protocol problem? Jukka Ukkonen (Aug 25)
- Re: RPC protocol problem? Dave Goldberg (Aug 25)