Networking | Programming | Security | Linux | Computer Science | About

NFS Security

The Linux/Unix Network File System (NFS) is used to mount remote file systems (similar to shares in Windows) from the local machine. Given the remote access nature of NFS, it certainly has its fair share of hacks.

NFS hacks

If NFS was set up improperly or its configuration has been tampered with — namely, the /etc/exports file containing a setting that allows the world to read the entire file system — remote hackers can easily obtain remote access and do anything they want on the system.

Assuming no access control list (ACL) is in place, all it takes is a line, such as the following, in the /etc/ exports file:

/ rw

This line says that anyone can remotely mount the root partition in a read‐ write fashion. Of course, the following conditions must also be true:

This remote‐mounting capability is easy to misconfigure. It’s often related to a Linux administrator’s misunderstanding of what it takes to share out the NFS mounts and resorting to the easiest way possible to get it working. If someone can gain remote access, the system is theirs.

Countermeasures against NFS attacks

The best defense against NFS hacking depends on whether you actually need the service running.

If you don’t need NFS, disable it. If you need NFS, implement the following countermeasures:

Published on Thu 12 March 2015 by Mal Torrance in Security with tag(s): nfs-security