Bugtraq mailing list archives
Re: NFS exporting
From: perry () snark imsi com (Perry E. Metzger)
Date: Thu, 14 Apr 1994 08:42:29 -0400
Carl Corey says:
> Now, are we talking exporting writeable to everyone, or _any_ NFS exported writeable partition?
Any NFS partition exported writable to anyone at all is vulnerable, yes. THIS SHOULD NOT BE NEWS TO ANYONE. I'm shocked that anyone is surprised by this.
> How would it be exploited?
People can read and write your disk. In addition, anyone with access to your network can spoof NFS packets and either interfere with your view of what's on the disk or with the server's idea of what you are attempting to write (or read). The latter portion should be obvious -- it's easy to mount an active attack on a UDP-based protocol -- but the former (that people can spoof NFS very efficiently even without active attacks on legitimate packet exchanges) should be well known.
> Is there a way to keep people from exploiting it (besides not exporting it)?
Yeah. Put in a firewall router to keep RPC packets from going into or out of your network. Use a better file system (like AFS). Another possibility is using kerberized secure RPC or some such that doesn't depend on the (very flawed) original secure RPC key exchange. Myself, I'd favor a combination of these things, including firewalling.
Perry
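An added example, not part of the message above or of the archive: a small audit that lists every writable entry in an exports file, since the reply treats any writable export as exposed. It assumes Linux exports(5) syntax (the post names no operating system); the sample file, host names and severity labels are constructed for illustration.

```python
import re

# Constructed sample in Linux exports(5) syntax (an assumption; the post names no OS).
SAMPLE_EXPORTS = r"""
# path        client(options) ...
/srv/pub      *(ro,root_squash)
/srv/build    10.0.0.0/24(rw,sync) \
              buildhost.example(ro)
/home         trusted.example (rw)
/srv/scratch  *(rw,no_root_squash)
/srv/docs     docs.example
"""

TOKEN = re.compile(r"^([^()]*)(?:\(([^()]*)\))?$")
WORLD = {"", "*"}

def audit_exports(text):
    """Return (path, client, severity) for every export that grants write access."""
    findings = []
    text = text.replace("\\\n", " ")          # join backslash-continued lines
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()   # drop comments
        if not line:
            continue
        path, *tokens = line.split()
        for tok in tokens:
            m = TOKEN.match(tok)
            if not m:
                findings.append((path, tok, "unparsed"))
                continue
            client, opts = m.group(1), set((m.group(2) or "").split(","))
            if "rw" not in opts:              # Linux default is read-only
                continue
            # "host (rw)" with a space yields an empty client: rw to everyone.
            world = client in WORLD
            if world and "no_root_squash" in opts:
                severity = "critical"
            elif world:
                severity = "high"
            else:
                severity = "review"           # still writable, so still listed
            findings.append((path, client or "*", severity))
    return findings

if __name__ == "__main__":
    for path, client, severity in audit_exports(SAMPLE_EXPORTS):
        print(f"{severity:8} {path} writable by {client}")
```

The `/home` line shows the case worth checking by hand: a space before `(rw)` gives the named host the read-only default and grants write access to every other client.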