> > Bug Trackers: > > I suspect this is old stuff to many folks out there, but it is new stuff > to me (as a result of being a victim of security through obscurity). > A site I am associated with had its filesystems mounted by some site > back East (we are on the West Coast) a few days ago. One reason for [..] > I was also told that people could write a program to access NFS filesystems > using the Xwindows port (whatever porT THAT is), and defeat all the export > limitiations. The person telling me this knows no details himself, "someone > told him" apparantly, so that tidbit is next to useless to me. This sounds blatently wrong. There is a loophole that lets one bypass export limitations *in special circumstances* by going through the portmapper (portmapper will happily forward your request, replacing the vital source address information and replacing it with a local address... how to exploit is left as an exercise). What you can do to make life a little easier on yourself is get Wietse's portmapper which features better access control and better logging. This will solve some problems of people going through the portmapper as well as help you track down other problems. This is not a total fix however as any attacker can simply hunt for the port that mountd and nfsd are on without ever talking to the portmapper. > pat@rwing [If all fails, try: rwing!pat@ole.cdac.com] Pat Myrto - Seattle WA > "No one has the right to destroy another person's belief by demanding > empirical evidence." -- Ann Landers, nationally syndicated advice columnist > and Director at Handgun Control Inc.