From owner-freebsd-questions@FreeBSD.ORG  Sat Jul  3 23:15:08 2004
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id B55A116A4CF
	for <freebsd-questions@freebsd.org>;
	Sat,  3 Jul 2004 23:15:08 +0000 (GMT)
Received: from enterprise.thenetnow.com (enterprise.thenetnow.com
	[65.39.193.152])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 4B62843D48
	for <freebsd-questions@freebsd.org>;
	Sat,  3 Jul 2004 23:15:08 +0000 (GMT)
	(envelope-from gpeel@thenetnow.com)
Received: from grant (hpeel.ody.ca [216.240.12.2])i63N7kA27580;
	Sat, 3 Jul 2004 19:07:46 -0400 (EDT)
	(envelope-from gpeel@thenetnow.com)
Message-ID: <002301c46153$9302a360$6601a8c0@grant>
From: "Grant Peel" <gpeel@thenetnow.com>
To: "Chuck Swiger" <cswiger@mac.com>
References: <00ba01c460fe$d9cae910$6601a8c0@grant> <40E6FBF2.1060201@mac.com>
Date: Sat, 3 Jul 2004 19:15:04 -0400
Organization: The Net Now
MIME-Version: 1.0
Content-Type: text/plain;
	charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 6.00.2800.1409
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1409
cc: freebsd-questions@freebsd.org
Subject: Re: NFS and Backups
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
Reply-To: Grant Peel <gpeel@thenetnow.com>
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>,
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>,
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sat, 03 Jul 2004 23:15:08 -0000

So, If I set the exports so that it used 192.168.x.x, and, my managed switch
is only set to alow members of my vlan to use those IPs, I should be OK in
that case?

-Grant


----- Original Message ----- 
From: "Chuck Swiger" <cswiger@mac.com>
To: "Grant Peel" <gpeel@thenetnow.com>
Cc: <freebsd-questions@freebsd.org>
Sent: Saturday, July 03, 2004 2:33 PM
Subject: Re: NFS and Backups


> Grant Peel wrote:
> > I have recently decided to use some extra disk space on one of my
servers as
> > backup space. I have NFS client and Servers running OK, but was
wondering how
> > secure it really is.
>
> NFS is not secure at all.  If you don't trust the local subnet, don't use
NFS
> there.  Certainly don't use NFS across the Internet, unless using a secure
> tunnelling/VPN protocol....
>
> > So if in my nfsd configuration, I specify a host called 'ahab' for
example,
> > how does the nfsd authenticate this host, and how secure is it?
>
> NFS doesn't authenticate the host.  NFS trusts the resolver when reversing
the
> IP addr into a hostname.
>
> -- 
> -Chuck
>
>