From owner-freebsd-security Fri Jan 12 18:34:47 2001 Delivered-To: freebsd-security@freebsd.org Received: from fledge.watson.org (fledge.watson.org [204.156.12.50]) by hub.freebsd.org (Postfix) with ESMTP id 5BC4B37B404 for ; Fri, 12 Jan 2001 18:34:30 -0800 (PST) Received: from fledge.watson.org (robert@fledge.pr.watson.org [192.0.2.3]) by fledge.watson.org (8.11.1/8.11.1) with SMTP id f0D2Y7714384; Fri, 12 Jan 2001 21:34:07 -0500 (EST) (envelope-from robert@fledge.watson.org) Date: Fri, 12 Jan 2001 21:34:07 -0500 (EST) From: Robert Watson X-Sender: robert@fledge.watson.org To: Roman Shterenzon Cc: Artem Koutchine , freebsd-security@freebsd.org Subject: Re: Encrypted networked filesystem needed In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org It's important to note that even if you use IPsec, you still need to be careful with NFS, for a number of reasons. The easiest attack is a DNS spoofing attack: clients often use DNS to resolve the IP address of the server they connect to, and if they rely on unprotected DNS traffic, then they may be vulnerable to spoofing, causing them to access a different server than the one they intended to mount. And, needless to say, IPsec policy must be set appropriately for relevant IP addresses at both ends, which also need to be specified in a spoof-free manner. The best rule is to hard-code IP addresses wherever possible, or rely on /etc/hosts and appropriate resolution ordering, or to use DNSsec (if available). There are other attacks against NFS also. Robert N M Watson FreeBSD Core Team, TrustedBSD Project robert@fledge.watson.org NAI Labs, Safeport Network Services To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message