Date: Sat, 9 Nov 1996 12:50:41 +1030 (CST) From: newton@communica.com.au (Mark Newton) To: froden@bigblue.no Cc: freebsd-security@FreeBSD.ORG Subject: Re: NFS Server, is it secure? Message-ID: <9611090220.AA12181@communica.com.au> In-Reply-To: <199611081903.UAA13125@login.bigblue.no> from "Frode Nordahl" at Nov 8, 96 08:02:02 pm
next in thread | previous in thread | raw e-mail | index | archive | help
Frode Nordahl wrote:
> Starting up an NFS server on a FreeBSD 2.1.5 box, is it secure, given that
> the configuration is correct? Are there any known holes other than
> faulty configuration?
Well, yes -- NFS is basically never "secure" on any platform. The
NFS protocol was never designed with security in mind.
If you know (or can guess) the NFS filehandle for an NFS filesystem
root then you can spoof the protocol for a start.
Firewall your NFS server: Its services should not be reachable from
the Internet-at-large.
- mark
---
Mark Newton Email: newton@communica.com.au
Systems Engineer Phone: +61-8-8373-2523
Communica Systems WWW: http://www.communica.com.au
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?9611090220.AA12181>