On Thu, 23 Sep 2004 18:07:39 +0000, Stefan Monnier wrote:
>>> Is there any way of setting up the NFS so that it will be secure similar
>>> to when I remotely log in or transfer files with ssh?
>
>> Why would it be "in the clear"?
Clarification or elaboration (if only to confirm my understanding). The
login ID and password are not sent "in the clear". The logon
authentication is done locally on the machine with the user. However, once
the user is logged in then his uid/gid are used "blindly" without further
verification (in normal RPC conversations, such as with basic NFS
install). If NIS is used for name lookups (including passwd file) then
anyone can request the entire password file and attack the password
fields with any number of password cracking attacks. They cannot decrypt,
since Unix passwords are encrypted one way only, but they can try any
password(s). That is why NIS+ was better (secure transmission of
authentication information), and the secure RPC was also used for NFS.
I would say there is a management issue also. Do you let crackers into
your network? Plugging their own machines into your network? Unsupervised?
I believe illegal use of computing facilities is usually a serious
offense: cause for immediate dismissal and probably legal prosecution also.
I must confess to not being up on LDAP and what it means to NFS. Later?
> NFS traditionally doesn't use any encryption, so anyone on the network can
> eavesdrop. It's actually even worse than that because there's no
> real authentication either, so they can easily access the files.
> All in all it's pretty bad.
Well, yeah, NFS is vulnerable. It used to be less vulnerable when you
could assume that all machines used on a network were properly
administered by the sysadmins. Nowadays, if anyone can plug their own
Linux machine into a network, and they have root on that machine (natch?)
then they can define users with whatever uid/gid and have those uid/gid
used across NFS mounts. The standard/dumb NFS across normal RPC allows it.
If this is a concern, one could use secure RPC for the NFS
connections. I have only heard/read about it, and have not set this
up myself. Normally, secure RPC was used with NIS+, I believe? However, it
is possible to set it up without. Dunno what relation to LDAP. That is one
of the things I would like to do: set up secure RPC for NFS, just to know
what is involved. I'm not sure how good the secure RPC support is on
Linux? The Linux automounter used to be semi-busted (no direct maps!).
Maybe these days we should all be concerned about secure RPC for NFS?
Incidentally, this is similar to a DOS/Windows security problem I
remember (2nd hand). Apparently, if someone on a DOS (or unsecure
Windows?) connected to a share on a secure Windows NT machine, but other
people could get into the DOS/Windows machine, or he shared stuff out from
that unsecure machine, then it effectively became a backdoor to bypass
the security on the NT machine, or some such. Google if you care.
>> I recognize that WEP imposes a performance hit, but is speed an issue?
>
> WEP only protects in the sense that it tries to control access to your
> network, but the problem is what happens to people who do have access to
> your network (or who break WEP).
Yeah, and as I mentioned, esp. those people who have "root" access to
those machines on your network. Are the doors open wide? Logged at least?
>> But NFS needs a robust network connection. My experience with wireless
>> is that it's often not "robust"... a high percentage of packets need to
>> be resent. TCP protocol can handle this better than UDP protocol upon
>
> Then use NFS over TCP, that's been available for a while now.
Good warning. Thanks. I have only come in over wireless ssh sessions (from
Windows notebook), and have not yet used any shared NFS over wireless.
--
Juhan Leemet
Logicognosis, Inc.
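
Added example, not part of the original post: a parser for the credential in an ONC RPC call header, showing that with the default AUTH_SYS flavor the uid and gid are plain fields the client fills in, which is why the server ends up trusting them "blindly". The field layout follows RFC 5531; the function names and the sample message (host `wkstn1`, uid 1000, gid 100) are constructed for illustration.

```python
import struct

# ONC RPC auth flavors (RFC 5531). AUTH_DH is what the post calls "secure RPC".
FLAVORS = {0: "AUTH_NONE", 1: "AUTH_SYS", 3: "AUTH_DH", 6: "RPCSEC_GSS"}
NFS_PROGRAM = 100003

def u32(buf, off):
    """Read one big-endian XDR unsigned int; return (value, next offset)."""
    if off + 4 > len(buf):
        raise ValueError("truncated RPC message")
    return struct.unpack_from(">I", buf, off)[0], off + 4

def opaque(buf, off):
    """Read XDR variable-length opaque data, skipping the pad to 4 bytes."""
    n, off = u32(buf, off)
    if off + n > len(buf):
        raise ValueError("truncated opaque field")
    return buf[off:off + n], off + ((n + 3) & ~3)

def parse_call(msg):
    """Return the credential a client put in an RPC v2 call header."""
    fields, off = [], 0
    for _ in range(7):  # xid, msg_type, rpcvers, prog, vers, proc, cred flavor
        value, off = u32(msg, off)
        fields.append(value)
    xid, mtype, rpcvers, prog, _vers, _proc, flavor = fields
    if mtype != 0 or rpcvers != 2:
        raise ValueError("not an RPC version 2 call")
    body, off = opaque(msg, off)
    info = {"xid": xid, "nfs": prog == NFS_PROGRAM,
            "flavor": FLAVORS.get(flavor, str(flavor)),
            # AUTH_NONE/AUTH_SYS carry no proof; the server takes them as given.
            "client_asserted": flavor in (0, 1)}
    if flavor == 1:  # AUTH_SYS body: stamp, machinename, uid, gid, gids<16>
        _stamp, p = u32(body, 0)
        host, p = opaque(body, p)
        uid, p = u32(body, p)
        gid, p = u32(body, p)
        count, p = u32(body, p)
        if count > 16:
            raise ValueError("AUTH_SYS allows at most 16 supplementary gids")
        gids = [u32(body, p + 4 * i)[0] for i in range(count)]
        info.update(host=host.decode("ascii", "replace"), uid=uid, gid=gid, gids=gids)
    return info

# Constructed sample: an NFSv3 call header with an AUTH_SYS credential.
CRED = struct.pack(">II6s2xIIII", 0, 6, b"wkstn1", 1000, 100, 1, 100)
SAMPLE_CALL = (struct.pack(">IIIIII", 0x1234, 0, 2, NFS_PROGRAM, 3, 1)
               + struct.pack(">II", 1, len(CRED)) + CRED + struct.pack(">II", 0, 0))

if __name__ == "__main__":
    print(parse_call(SAMPLE_CALL))
```

Run over call headers taken from a packet capture, the `client_asserted` flag marks NFS traffic that still relies on AUTH_SYS rather than AUTH_DH or RPCSEC_GSS.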