mailing list archives
Re: Secure NFS
From: "Barry Irwin" <bvi () itouchlabs com>
Date: Thu, 27 Feb 2003 09:28:39 +0200
another option would be to run NFS over a transport layer encryption like
IPSEC. IPSEC is becomming more ame more widly supported and so shouldnt
really be a problem. The only concern tho is that any kind of encryption
will add additional load onto the systems. This can be mitigated by careful
selection of the type of encryption, as well as additional hardware if
I prefer this solution as it builds on existing tech rather than adding in
bits and pieces to Daemons, which could raise compatability issues.
Barry Irwin bvi () itouchlabs com Tel:
Systems Administrator: Networks And Security
iTouch TAS http://www.itouchlabs.com Mobile: +27824457210
----- Original Message -----
From: "Peet Grobler" <peetgr () absa co za>
To: <slaanesh () netcourrier com>; <security-basics () securityfocus com>
Sent: Friday, February 21, 2003 7:09 AM
Subject: RE: Secure NFS
I've been wondering about this for a while now...
Everybody knows NFS is insecure. Right. So no-one uses it. Why not simply
modify NFS to use encryption? Why not?
Not tunneling, modify the source to either (a) establish ssl connections, or
(b) manually encrypt all traffic (I would prefer this