jbn@GLACIER.STANFORD.EDU.UUCP (04/07/87)
Quit worrying about "rwall". All one can do with that is annoy people. Worry about Sun NFS and Berkeley RLOGIN, both of which assume that hosts are "good guys". Consider the following: If you have the means to impersonate any host by setting an interesting number in your source IP address, and can see the replies coming back, you can access any remotely accessable file on any NFS server. If you are on the same LAN, this is trivial; otherwise it may take some eavesdropping or gateway tampering to bring it off. Note, by the way, that large networks constructed with low-level bridges are especially vulnerable to this type of attack. (This is not to be construed as an argument that IP routers provide some kind of security). With the advent of PC-based NFS clients, NFS break-in can be accomplished with low-cost hardware and requires minimal technical sophistication. NFS is useful. NFS is clever. NFS is efficient. NFS works. NFS has security holes though which one could drive an armored division. Don't blame Bill Joy; he's the one who insisted that SUN machines have sockets for DES chips. However, DoD's export controls on cryptographic equipment discourage the use of crypto hardware in commercial equipment. So the socket is invariably empty. DoD has shot itself in the foot on this one. John Nagle