[852] in linux-security and linux-alert archive
Re: [linux-security] A secure (?) nfs-server ?
daemon@ATHENA.MIT.EDU (John Fulmer)
Tue Jun 25 18:01:17 1996
Date: Tue, 25 Jun 1996 08:23:32 -0500
From: John Fulmer <jfulmer@blanket.com>
To: linux-security@tarsier.cv.nrao.edu
Leonardo Costantini 339846/IL wrote:
>
> Hi all
>
> I need to install a REAL secure nfs, can someone tell me wich version
> should I use ?
>
> Should I looking for a new rpc.portmapd too?
Isn't "secure nfs" an oxymoron? I'm not so sure that you could ever
secure NFS or the portmapper up enough to call it secure.
If your LAN is trusted, and you operate it behind a firewall, it would
probably be pretty secure, and I'm sure that there are a few tricks
("secure" RPC, etc) that could help. But I don't think you could ever
consder NFS secure enough for wide area use. If you just need to
transfer files, consider some kind of secure encrypting transfer
protocol. There are a few of them out right now.
jf
--
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
+ John Fulmer | "As folks might have suspected, +
+ Secure Network System | not much survives except roaches, +
+ Lawrence, Kansas | and they don't carry large enough +
+ | packets fast enough..." +
+ jfulmer@blanket.com | --Dave Crocker, about the +
+ http://www.blanket.com | Internet and nuclear war. +
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++