NFS mounts: security hole on firewall?
I know this is probably a stupid question, but I'm trying to be paranoid and
leave nothing to chance. If I'm NOT running an nfs server of any kind on my
firewall, but I am mounting an nfs share from my private network to my
firewall, am I opening myself up to any big security risks? I plan to lock
down all incomming port connections below 1024, except for sshd's port.
I want to be able to parse /var/log and display annomolies in an
internal-only web-page, and I thought it'd be safer & faster if I did it on
my server (dual celeron), rather than my firewall (486).
You don't have to qualify your answers with any of the following scenearios:
o Firewall is compromised from other security hole.
o Weird networking/kernel bug not related to nfs directly
o Acts of root ("God, root; what is difference?")
o Local security problems. I can trust my wife not hack from within our
house ;-)
--
Bedfellows make strange politicians.
Reply to: