Network File System Security - Exploiting Misconceptions and Vulnerabilities

Explore the security vulnerabilities and misconceptions surrounding the Network File System (NFS) in this 53-minute conference talk from MRMCD2024. Delve into the history of NFS, developed by Sun in 1989, and understand why its outdated network assumptions still persist in modern corporate and university environments. Learn about the scalability benefits of NFS for implementing network shares, particularly in Unix/Linux systems for mounting home directories across large IT landscapes. Discover the potential security risks when encryption and access controls are not properly implemented, even with available tools like Kerberos. Gain insights into common misunderstandings of the NFS protocol's security model and learn how these vulnerabilities can be exploited. Join speaker Sergej Schmidt as he uncovers the critical security issues in NFS and provides valuable knowledge for IT professionals and security enthusiasts.