AWS Announces Amazon File Cache
Amazon File Cache, a new high-speed cache service on Amazon… Continue reading AWS Announces Amazon File Cache
Category Archives: nfs
SUID Binary Doesn’t Work – TryHackMe
In the TryHackMe’s machine, there are some NFS shares that no_root_squash is enabled which allows attacker to create malicious SUID binary on the share with root privileges.
I mounted share successfully, then created a binary file with fol… Continue reading SUID Binary Doesn’t Work – TryHackMe
NFS4+Kerberos: Is the client authenticated?
Imagine the following scenario: A company network with "domain joined" linux clients (e.g they have a HOST$@DOMAIN.LOCAL principal in their keytabs file + A computer entry in the DC).
Now an attacker gains access to this network … Continue reading NFS4+Kerberos: Is the client authenticated?
What is insecure about the "insecure" option of NFS exports?
Why is it considered insecure for an NFS export to allow connections originating from high ports? Compare the manual:
exportfs understands the following export options:
secure
This option requires that requests originate on an Internet po… Continue reading What is insecure about the "insecure" option of NFS exports?
I am seeing the error rpcinfo: can’t contact rpcbind: RPC: Remote system error – No such file or directory when running the rpcinfo command [closed]
I am seeing this error message
rpcinfo: can’t contact rpcbind: RPC: Remote system error – No such file or directory
whenever I am running the command rpcinfo -p for NFS testing.
Kerberos tickets for service accounts and NFSv4 id mapping
I have a Synology NAS that I’m trying to access over NFS from a couple of systems running archlinux (a laptop and a server). I’d like to get NFSv4 id mapping working so that I don’t have to align the user ids between all these systems, and… Continue reading Kerberos tickets for service accounts and NFSv4 id mapping
Gatekeeper Bug in MacOS Mojave Allows Malware to Execute
Researcher discloses vulnerability in macOS Gatekeeper security feature that allows the execution of malicious code on current version of the OS. Continue reading Gatekeeper Bug in MacOS Mojave Allows Malware to Execute
Why is autofs insecure?
I am hardening CentOS/RHEL 7.6. The hardening documents recommend disabling the automounter, “unless it is necessary.”
Why is autofs such a problem?
One of the benefits of networking is a shared file system. What other alternatives are the… Continue reading Why is autofs insecure?
Ransomware on Mycloud NAS
I own a Mycloud NAS and it was affected by ransomware.
In the NAS there are several folders, most of them are password protected. There is also the “Public” folder which can be seen by all users and contains family photos, movies, etc… … Continue reading Ransomware on Mycloud NAS
Ubuntu VM with full disk encryption running off NFS share: implications for data security in transit over network?
I am currently experimenting with running a few VMs, and I’d like to consolidate the VM disk images on a NAS. To be clear, that means there would be a single NAS on the network, as well as several servers that run VMs. Each V… Continue reading Ubuntu VM with full disk encryption running off NFS share: implications for data security in transit over network?