From: newton@communica.com.au (Mark Newton)
Message-Id: <9611090220.AA12181@communica.com.au>
Subject: Re: NFS Server, is it secure?
To: froden@bigblue.no
Date: Sat, 9 Nov 1996 12:50:41 +1030 (CST)
Cc: freebsd-security@FreeBSD.ORG
In-Reply-To: <199611081903.UAA13125@login.bigblue.no> from "Frode Nordahl" at Nov 8, 96 08:02:02 pm

Frode Nordahl wrote:

> Starting up an NFS server on a FreeBSD 2.1.5 box, is it secure, given that
> the configuration is correct? Are there any known holes other than
> faulty configuration?

Well, yes -- NFS is basically never "secure" on any platform. The NFS protocol was never designed with security in mind. If you know (or can guess) the NFS filehandle for an NFS filesystem root then you can spoof the protocol for a start.

Firewall your NFS server: Its services should not be reachable from the Internet-at-large.

   - mark

---
Mark Newton                Email: newton@communica.com.au
Systems Engineer           Phone: +61-8-8373-2523
Communica Systems          WWW:   http://www.communica.com.au