Title: Unrestricted NFS access - why is it bad? (Re: SATAN) Subject: I've been told my subnet contains host that NFS export file systems to any host on the Internet. Why is that bad? Answer: For details on vulnerabilities due to unrestricted NFS exports, see: http://weber.u.washington.edu/~dittrich/misc/satan/docs/tutorials/vulnerability/unrestricted_NFS_export.html http://weber.u.washington.edu/~dittrich/misc/satan/docs/tutorials/vulnerability/NFS_export_to_unprivileged_programs.html http://weber.u.washington.edu/~dittrich/misc/satan/docs/tutorials/vulnerability/NFS_export_via_portmapper.html ftp://ftp.cert.org/pub/cert_advisories/CA-94:15.NFS.Vulnerabilities Author: Cheswick, William R. Title: Firewalls and Internet security : repelling the wily hacker / William R. Cheswick, Steven M. Bellovin. Pub. Info.: Reading, Mass. : Addison-Wesley, c1994. LC Subject: Internet-Computer-network. Computer-networks -- Security-measures. Status: Engineering General Stacks TK5105.875.I57 C44 1994 TK5105.875.I57 C44 1994 Author: Stern, Hal. Title: Managing NFS and NIS / Hal Stern. Pub. Info.: Sebastopol, CA : O'Reilly & Associates, 1992, c1991. LC Subject: Computer-network-protocols. Computer-network-architectures. Computer-networks. Status: Engineering General Stacks TK5105.5 .S799 1992 Author: Garfinkel, Simson. Title: Practical UNIX security / Simson Garfinkel and Gene Spafford. Pub. Info.: Sebastopol, CA : O'Reilly & Associates, [1992], c1991. LC Subject: Operating-systems-Computers. Computer-security. Computers -- Access-control. UNIX-Computer-file. Status: Engineering General Stacks QA76.76.O63 G38 1992 Author: Curry, David A. Title: Unix System Security: A Guide for Users & System Administrators Publisher: Addison-Wesley 01/1992 Year: 1992 Pages: 256p. Illustrated Price: Trade $29.95 Status: Active entry ISBN: 0201563274 Subject: COMPUTER-SECURITY Date: 9/95 Author: D. Dittrich