NFS and firewalls
Ken D'Ambrosio
kend at xanoptix.com
Wed Feb 2 09:17:01 EST 2005
Benjamin Scott wrote:
>NFS (and the portmapper it depends on) has so many security
>problems (both in design and implementation) that it's kind of pointless.
>
>
Good point...
> <>The solution has always been to put your NFS behind your firewall.
<>It is. [And, as your disclaimer read, 'this does not apply to me'.]
However, before putting stuff up on the "outside," I always enjoy using
it on my personal machine. That way, if, say, it causes one's disk to
suddenly become re-formatted, no big deal.
> This may not apply to the more recent flavors of NFS, which support more
>security features and can run over TCP. Since I don't know jack about them,
>I can't comment one way or the other.
>
>
A very interesting point, and one I hadn't previously entertained. I
just may fire up "NFS over TCP", and see what happens. Thanks for the
idea...
-Ken
More information about the gnhlug-discuss
mailing list