[ Date Index ][
Thread Index ]
[ <= Previous by date /
thread ]
[ Next by date /
thread => ]
Jonathan Melhuish wrote:It is possible to spoof MAC addresses, isn't it?
I'm using Debian on both client and server, BTW (stable on the server,
unstable on the client).
NFS v2 uses UID and trusts both ends to have the same ideas on UID's.
Thus the quick and dirty approach is to fix MAC addresses to static IP's
(man arp?) and to only share to IP's you trust (man exports?). Won't
keep the determined and knowledgable out - but the squirrels won't read
your files.
Probably the smart thing is to run a VPN, and share to VPN users only,And performance overhead, presumably.
putting some encryption between your stuff and the public, but that
sounds a lot of work.
I kind of lost track of the extra security features in later versions ofIs SMB a reasonable alternative? I tried to set up a password-protected read/write "share" on Samba for my user only, and added a user with smbpasswd. It mounts fine on my laptop, I can cd to the directory, but when I do an "ls", it hangs the terminal :-(
NIS and NFS - soon came to the conclusion you keep those bits a long way
away from the bad guys (and malware).
-- The Mailing List for the Devon & Cornwall LUG Mail majordomo@xxxxxxxxxxxx with "unsubscribe list" in the message body to unsubscribe.