( catching up on old Firewalls Digests ... old thread, but new take. )
"From: morgan @
edu (Wes Morgan)
Date: Thu, 6 Jan 94 07:35:08 EST
Subject: Re: Opinion requested
>Some archives offer filesystems to NFS just like they offer FTP.
"I know of exactly *one* such public NFS offering - wuarchive.wustl.edu.
If there are other public NFS mounts, they aren't being publicized very
This got me thinking, and I tried the following on a machine adminis-
-tered by the most competent network programmer of my acquaintance.
( Name omitted in interests of security and simplicity. )
% rpcinfo -p gw.home.vox.com
program vers proto port
100000 2 tcp 111 portmapper
100000 2 udp 111 portmapper
100003 2 udp 2049 nfs
100003 2 tcp 2049 nfs
100005 1 udp 677 mountd
100001 3 udp 670 rstatd
100001 2 udp 670 rstatd
100001 1 udp 670 rstatd
Hmm. So 'vox' is running NFS, are they ? Wonder what they have ?
% showmount -a gw.home.vox.com
Now, at this point, the next step is an obvious one. I'll refrain.
( I trust the owner of vox.com will take this in stride and start
thinking of ways to counter this avenue of attack ... and I would
like to thank him for providing this random snapshot example. )
So, here's my question. I am not trying to be a sophist here, I am
attempting to step through the sequence of steps at the granularity
which would be found in a real legal analysis.
Was this information being broadcast ? I would say, 'yes'. Perhaps
it is not being "broadcast", per se, but it is willingly being
narrowcast to anyone or anything that asks.
Is reading information indicating the existence of a filesystem any
better or worse than reading information contained within the file-
-system ? That is, both are information. The first is examining the
attributes of a _filesystem_ ... the second is examing attributes of
_files_ and _directories_, presumably their contents as well. It's
a subtle question, one that surely others have debated over years of
Unixdom. The consensus is clear, however ... _attributes_ of a container
are not equivalent to _contents_ of a container, although both can be
regarded as information, and, to some degree, equally proprietary.
Is it the act of _mounting_ a filesystem that is evil ... or the act
of accessing the information within the filesystem, after mounting ?
One might argue that mounting is preparatory to reading ... but, so,
too, is examining NFS mounts preparatory to mounting ... and so, too,
is sending a 'ping' to make sure the system is up before doing the
'rpcinfo', which was preparatory to the 'showmount'.
The points I'm trying to make here, are twofold.
(1) Establishing that an attempt to mount a filesystem
is a hostile act, ipso facto, is non-trivial under
the above circumstances.
(2) Determining whether a given filesystem is intended
to be a shared resource or not without trying to
mount it, while possible, is more complex than just
trying to mount it. Reading the manual is all very
well but a quick experiment or two works faster and
often reveals valuable insights left out of manuals.
( I speak from 7 years of solid admin experience. )
I think, in general, this potential points to bad administration, as
much as it does to corrupt network crackers. A properly configured
system shouldn't be that easily compromisable, and if it is, the man-
-agement needs to face the grim facts of headcount, and distribution
of "root" authority, and centralization of workstation management and
disk resource management, so that such poor administration does not
occur, in the first place.
In closing, I'd like to note that there are at least two sites with far
tighter security ... try rpcinfo on, say, research.att.com, compared to
gatekeeper.dec.com ... or compare the latter with gatekeeper.oracle.com.
( This is not intended to reflect negatively towards gatekeeper.dec.com,
which provides an immeasurable service to the Internet community, and,
presumably, prefers convenience over security. )
So there is definitely room for improvement ...
PS : I'm not a lawyer. But I *am* actively studying the law. So take my
opinion for what it's worth ... and go to a law library and see, yourself,
what the pertinent laws seem to say. ( There is a lot of room for people
conversant in both computerese and legalese, these days ; boom market, if
anyone's thinking of changing careers. :-)
Ra is the sun god ... He's such a *fun* god ...
Ra !! Ra !! Ra !!
richard childers san francisco, california pascal @