[OpenAFS] Code to demo NFS/UDP weakness?
Wed, 2 Aug 2006 08:22:34 -0400
I'm putting together a "NFSv3 is disgustingly insecure, we should move
to OpenAFS" type presentation for my management . I've found
explanations to be less than completely understood, so I've decided to
put together a demo.
I've already found nfsshell , a commonly available user-level
program that among other things allows creation of NFS requests as any
other user on a system.
The most useful article I found on the subject  also mentions that
"UDP is also trivial to spoof, making it easy to get around the
host-based access control, which relies on the IP address of the
client." Does anyone know of code that would demo this vulnerability?
 NFSv4 isn't an option due to platform support requirements.
 Leendert van Doorn's nfsshell
 ;LOGIN: February 2005 pg. 17 - Rik Farrow's Musings