[OpenAFS] Code to demo NFS/UDP weakness?
Chris Huebsch
chris.huebsch@informatik.tu-chemnitz.de
Wed, 2 Aug 2006 14:38:03 +0200 (CEST)
Hi,
On Wed, 2 Aug 2006, Daniel Clark wrote:
> The most useful article I found on the subject [3] also mentions that
> "UDP is also trivial to spoof, making it easy to get around the
> host-based access control, which relies on the IP address of the
> client." Does anyone know of code that would demo this vulnerability?
I found an other article:
http://www.fsl.cs.sunysb.edu/docs/nfscrack-tr/index.html
I think that demonstrating an unlink-operation on an insecure nfs-server
would be really impressing.
Chris
--
Chris Huebsch www.huebsch-gemacht.de | TU Chemnitz, Informatik, RNVS
GPG-Encrypted mail welcome! ID:7F2B4DBA | Str. d. Nationen 62, B204
Chemnitzer Linux-Tage 2007, 3.-4. Maerz | D-09107 Chemnitz
http://chemnitzer.linux-tage.de/ | +49 371 531-31118