Skip to main content

Discuss security issues in Network File system.

By
71.Discuss security issues in Network File system.
Ans.
1. NFS protocol version 3 and older have some security problems that make it unsuitable for use across the Internet and potentially unsafe for use even in trusted network.

 2. One NFS weakness, in general terms, is the /etc/exports file, if a cracker is able to spoof or take over a trusted address, an address listed in /etc/exports then your exported NFS mount are accessible.

 3. NFS has normal Linux file system access controls that take over once a client has mounted an NFS export, once this happens normal user and group permissions on the files take over access control.

 4. The 1st way to defense is to use host access control, to limit access to services , particularly the portmapper, which has long been target of exploits attempts.

 5. For this add the entries in /etc/hosts.clevy lockd, statd, mountd and rquoted.

 6. Careful use of IS packet firewall, using netfilter, dramatically increases NFS server security.

 7. Netfilter is stronger than NFS daemon level security or even TCP wrappers because it restricts access to your server at the packet level.

 8. mountd, lockd, statd and rquotad do not bind to any specific port i.e. they use a port number randomly assigned by the portampper.

Labels:

Comments

Post a Comment

Popular posts from this blog

Explain how to configure DHCP client?

By
50.Explain how to configure DHCP client? Ans. 1. Before configuring DHCP, NIC should be configured properly and recognized by the system. 2. After that it’s easy to command system to use DHCP to obtain its IP information. 3. Configuring DHCP client involves following steps : a. Open the /etc/sysconfig/networkscripts/ifcfg-eth0 file. b. Find the line bootproto=static c. Change the static to dhcp. d. Save changes. e. Restart the network by issuing command ‘service network restart’, after that system will receive its IP information from the DHCP server.
Post a Comment
Read more

Explain memory and virtual file system in Linux.

By
22.Explain memory and virtual file system in Linux. Ans. 1. These file systems do not exist on disk in the same way that traditional file systems do, they either exists entirely in the system memory or they are virtual because they are an interface to system devices. 2. cramfs: cramfs is designed to cram a file System onto a small flash memory device, so it is small, simple and able to compress things well. The largest file size is 16MB and the largest file system size is 256MB since cramfs is so compressed, it isn’t instantly updateable. 3. tmpfs: tmpfs is structured around the idea that whatever is put in the /tmp file system is accessed again shortly, tmpfs solely in memory, so what you put in /tmp doesn’t persist between reboots. 4. ramfs: ramfs is basically cramfs without the compression. 5. romfs: This is a read only file system that is mostly used for initial ramdisks of installation disks. It was designed to take up very little space, so you could fit a ke...
Post a Comment
Read more

QT practicals files

By
Temporarily Available: Click below to download|||||||||||
Post a Comment
Read more