"Aggelos D. Keromitis" says:

> In message <9404131739.AA26622@snark.imsi.com>, "Perry E. Metzger" writes:
> >Secure rpc buys you only a little bit -- it requires a bit of skill to
> >break it, but it will doubtless be easy to break when someone posts a
> >cracking script to the net sometime.
>
> Well, this depends on what kind of RPC protection you're using; Un*x is
> weak (non-existent). However the one based on DES is adequate
> against the everyday cracker.

No it is not. The exponential key exchange is completely flawed -- it can be broken quite easily. See the paper by LaMacchia and Odlyzko. The key exchange is a complete joke. You never even need to crack the DES key -- you can simply extract it. As I say, this currently requires skill, but at some point someone will doubtless post a script to do that and then it's all pretty much pointless after that.

> >As for NFS in general, it's useless. As soon as you export an NFS
> >partition to the net (at least if you export it writable), you can
> >kiss your machine goodbye. Among other nasty tricks, even without the
> >mountd giving you any information on the host you can just flood the
> >machine with unlink requests or guess inode generation numbers or
> >other such things. NFS is a hunk of junk.
>
> Well, this is more or less true...mountd can be circumvented (hope i got this
> right) and one can send direct rpc/nfs requests to the nfsd...the hard part
> is actually guessing a valid file handle (32 byte number!).
> I have read in some documents that regular use of fsirand, a program which
> supposedly assigns to each file/dir a unique file handle, greatly reduces
> chances of a wild guess...

There are techniques you can exploit here that make hijacking an NFS partition or simply destroying it way too simple.

Perry
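The point Perry makes about the "exponential" (Diffie-Hellman) key exchange is that the DES session key is only as secret as the discrete logarithm of the public values exchanged in the clear; if the modulus is small enough to take a discrete log, the key is simply extracted rather than cracked. The following is an added illustration, not code from the thread or from Sun's Secure RPC: it runs a toy Diffie-Hellman exchange over a 31-bit prime (constructed parameters, nothing like a real deployment) and recovers the shared secret with the textbook baby-step giant-step algorithm, which costs roughly sqrt(p) work. The prime 2^31-1 and generator 7 are assumptions chosen so the demo finishes in a fraction of a second; the defender's lesson is that the security margin of this exchange is set entirely by the modulus size.

```python
import math

def bsgs(g, h, p):
    """Solve g**x == h (mod p) for x by baby-step giant-step.
    Work and memory are about sqrt(p), which is why a small modulus
    offers no protection at all and a large one does."""
    m = math.isqrt(p) + 1
    # Baby steps: table of g**j for j in [0, m)
    table = {}
    cur = 1
    for j in range(m):
        table.setdefault(cur, j)
        cur = cur * g % p
    # Giant steps: multiply h by g**(-m) until we land in the table
    factor = pow(g, -m, p)  # modular inverse of g**m (Python 3.8+)
    gamma = h
    for i in range(m):
        if gamma in table:
            return i * m + table[gamma]
        gamma = gamma * factor % p
    return None

def dh_exchange(p, g, a, b):
    """Honest exchange: each side publishes g**secret, both derive g**(a*b).
    Returns (A, B, shared) where A and B are what an observer sees."""
    A = pow(g, a, p)
    B = pow(g, b, p)
    return A, B, pow(B, a, p)

def recover_shared_secret(p, g, A, B):
    """Observer's view: A and B were sent in the clear. Taking the discrete
    log of A yields a's private exponent and therefore the shared secret,
    with no need to attack the cipher that the secret later keys."""
    a = bsgs(g, A, p)
    return pow(B, a, p)

# Constructed toy parameters: a Mersenne prime and a known primitive root.
P = 2**31 - 1
G = 7

if __name__ == "__main__":
    A, B, shared = dh_exchange(P, G, 123456789, 987654321)
    print("public A =", A, "public B =", B)
    print("derived shared secret:", shared)
    print("recovered by observer:", recover_shared_secret(P, G, A, B))
```

Doubling the modulus length squares the cost of this generic attack, and index-calculus methods (the kind LaMacchia and Odlyzko used) scale better still, which is why modulus size, not the strength of DES, decides whether the session key can be read off the wire.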