From owner-freebsd-security Sun Jan 14 21:14:26 2001 Delivered-To: freebsd-security@freebsd.org Received: from odin.ac.hmc.edu (Odin.AC.HMC.Edu [134.173.32.75]) by hub.freebsd.org (Postfix) with ESMTP id CA66D37B699 for ; Sun, 14 Jan 2001 21:14:09 -0800 (PST) Received: (from brdavis@localhost) by odin.ac.hmc.edu (8.11.0/8.11.0) id f0F5E5I11468; Sun, 14 Jan 2001 21:14:05 -0800 Date: Sun, 14 Jan 2001 21:14:05 -0800 From: Brooks Davis To: David Andreas Alderud Cc: _Security Subject: Re: Encrypted networked filesystem needed Message-ID: <20010114211405.A10193@Odin.AC.HMC.Edu> References: <003e01c07db6$fac4b850$6400a8c0@xgod> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2i In-Reply-To: <003e01c07db6$fac4b850$6400a8c0@xgod>; from aaldv97@student.vxu.se on Sun, Jan 14, 2001 at 12:17:20AM +0100 Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org [Please wrap lines to < 80 columns.] On Sun, Jan 14, 2001 at 12:17:20AM +0100, David Andreas Alderud wrote: > It might be a good idea to take a look at NIS+ if you want to use NFS, > there still some problems but considering how simple it is to > use NIS+ it's really good, NIS+ removes most if the problems with DNS. > The reasons for using NIS+ is mainly because it's designed to work > with NFS, both coming from Sun Microsystems. The sad fact is that if you can't trust your wire, you can't trust NIS+. It's vulnerable to even the lamest man in them middle attack. The basic problem is that SecureRPC (on which NIS+ is based) doesn't validate the body of the packet, just the headers. For example, it's quite trivial to write a man in the middle attack that turns any valid user into a user with an arbitrary user id (perhaps zero ;-) and a known password if you use NIS+ for logins. -- Brooks -- Any statement of the form "X is the one, true Y" is FALSE. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message