>"Baba Z Buehler" writes: > >I just read a post in comp.security.unix entitiled "widespread security hole >in exporting of filesystems" which claims there are ways to break into a >system that has filesystems exported to itself. People might want to use the nfsbug detector by Leendert van Doorn. I don't know if it's in the PD, but it will test an NFS server for several (known) security holes. Output from it might look like: % ./nfsbug -h barth.somewhere.com MOUNTABLE FILE SYSTEM bart.somewhere.com:/home/bart1 (via portmapper) MOUNTABLE FILE SYSTEM bart.somewhere.com:/home/bart2 (via portmapper) MOUNTABLE FILE SYSTEM bart.somewhere.com:/home/bart3 (via portmapper) MOUNTABLE FILE SYSTEM bart.somewhere.com:/var/mail (via portmapper) If someone know it's a PD thing, either post a reference for the official FTP site, or post the shar file here. Perhaps someone knows the author and can ask him? -- Leif /* * nfsbug.c * * Test hosts for well known NFS problems/bugs. Among these tests are: * find world wide exportable file systems, determine whether the * export list really works, determine whether we can mount file systems * through the portmapper, try to guess file handles, excercise the * mknod bug, and the uid masking bug. * * Author: * Leendert van Doorn, april 1994 * * TODO: * - close sockets (?) */