Hosting Provided By

Re: Secure NFS

From: Barry Irwin <bvi(at)itouchlabs.com>
Date: Thu Feb 27 2003 - 02:28:39 EST

another option would be to run NFS over a transport layer encryption like IPSEC. IPSEC is becomming more ame more widly supported and so shouldnt really be a problem. The only concern tho is that any kind of encryption will add additional load onto the systems. This can be mitigated by careful selection of the type of encryption, as well as additional hardware if neccessary.

I prefer this solution as it builds on existing tech rather than adding in bits and pieces to Daemons, which could raise compatability issues.

Barry

--
Barry Irwin         bvi@itouchlabs.com                    Tel:
+27214875178
Systems Administrator: Networks And Security
iTouch TAS      
http://www.itouchlabs.com         Mobile: +27824457210


----- Original Message -----
From: "Peet Grobler" 
To: ; 
Sent: Friday, February 21, 2003 7:09 AM
Subject: RE: Secure NFS
I've been wondering about this for a while now...

Everybody knows NFS is insecure. Right. So no-one uses it. Why not simply
modify NFS to use encryption? Why not?

Not tunneling, modify the source to either (a) establish ssl connections, or
(b) manually encrypt all traffic (I would prefer this
one).

Received on Thu Feb 27 12:34:39 2003

This message: [ Message body ]
Next message: Tim Heagarty: "RE: e-mail policies"
Previous message: Moeckel, Sharon: "RE: e-mail policies"
In reply to: Peet Grobler: "RE: Secure NFS"
Next in thread: Michael Osten: "Re: Secure NFS"
Reply: Michael Osten: "Re: Secure NFS"
Reply: Bear Giles: "Re: Secure NFS"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ] [ By messages with attachments ]

This archive was generated by hypermail 2.1.8 : Wed Aug 23 2006 - 14:03:50 EDT