On Sun, 24 Nov 2002 00:13:52 -0500 "Brett I. Holcomb" <[EMAIL PROTECTED]> wrote:
> Jerry, what do we need to look out for as far as security goes for NFS > systems? I was of the understanding NFS can have security problems. > > If it's firewalled, the only security concern is internal. If you open the firewall up for access by clients across the network, you open yourself for all kinds of trouble as NFS transactions are totally "in the clear". And I got news for you... samba ain't much better. :') NFS falls easy victim to any hacker that can sniff a packet and arrange a spoof attack. I found a wonderfully content rich article covering the fine points of hardening your NFS connections via ssh at Sys Admin Magazine... If I may quote: "The main problems with NFS are that it relies on the inherently insecure UDP protocol, transactions are not encrypted, hosts and users cannot be easily authenticated, and its difficulty in firewalling..." The complete article covering the fine points of hardening your NFS connections via ssh is at: http://www.samag.com/documents/s=4072/sam0203d/sam0203d.htm -- ****************************************************************************** Registered Linux User Number 185956 http://groups.google.com/groups?hl=en&safe=off&group=linux Join me in chat at #linux-users on irc.freenode.net 12:41am up 1 day, 2:25, 3 users, load average: 0.20, 0.28, 0.28 _______________________________________________ Linux-users mailing list [EMAIL PROTECTED] Unsubscribe/Suspend/Etc -> http://www.linux-sxs.org/mailman/listinfo/linux-users
