
Secure NFS

 
Victor_5
Trusted Contributor

Secure NFS

How can I know whether I am using secure NFS on my 11i box? Which files do I need to take a look at?

Thanks!

7 REPLIES
Helen French
Honored Contributor
Jeff Schussele
Honored Contributor

Re: Secure NFS

Victor,

Secure NFS is not supported by HP-UX - see the following:

http://docs.hp.com/cgi-bin/fsearch/framedisplay?top=/hpux/onlinedocs/B1031-90048/B1031-90048_top.html&con=/hpux/onlinedocs/B1031-90048/00/00/25-con.html&toc=/hpux/onlinedocs/B1031-90048/00/00/25-toc.html&searchterms=NFS%7csecure&queryid=20020410-070235

Although secure RPC is.

HTH,
Jeff
PERSEVERANCE -- Remember, whatever does not kill you only makes you stronger!
David Lodge
Trusted Contributor

Re: Secure NFS

NFS is not secure *at all* on HP-UX. Avoid it. Like the plague...
Michael Tully
Honored Contributor

Re: Secure NFS

The best way to *secure* NFS is to not run it at all, and to remove the filesets of the server.
Anyone for a Mutiny ?
David Lodge
Trusted Contributor

Re: Secure NFS

Having had a quick look at the threads pointed to above, I just wanted to make some points.

1) NFS is not *secure*. I really, really mean this.
2) If you *need* to run it (to be honest you shouldn't have any reason to) then make sure you do the following:
* restrict the export as much as possible in /etc/exports (using ro, nosuid, nodev ad nauseam)
* make the inode of the mounted directory as high as possible.
* use /etc/inetd.sec to restrict requests to rpc.mountd

You might have questions about the second recommendation, but if you understand how NFS works it makes sense; in a nutshell:
1. Client requests permission to mount directory from rpc.mountd
2. Mountd checks /etc/exports to see whether it has permissions. If so it returns a file handle.
3. NFS client talks to NFS server to request files/meta data, *using the file handle*

Hence, if an attacker can snarf the file handle they can access all exported information.

Because of weaknesses in HP's NFS file handles it is relatively easy to grab a file handle - but this depends on the size of the inode of the exported directory - hence the higher up it is, the less the risk. (i.e. 2 is bad, 56784943 is better)

dave (NFS is evil)
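
An added example, not part of the thread and not HP's tooling: a small audit of an /etc/exports file for the kind of over-broad export the post above says to avoid. It assumes the `directory -option,option=value` layout of HP-UX 11i exports(4) and checks only `ro`, `access=` and `root=`; the last two option names come from that man page rather than from the post, and the sample entries and host names are constructed.

```shell
#!/bin/sh
# Constructed sample in the "directory -option,option=value" form.
sample_exports() {
    cat <<'EOF'
# constructed sample, not from a real host
/opt/docs   -ro,access=hosta:hostb
/home
/export/src -access=buildhost
/depot      -ro
/var/stage  -ro,access=hosta,root=hosta
EOF
}

# audit_exports: read an exports file on stdin, print one finding per weakness.
audit_exports() {
    awk '
    /^[ \t]*#/ || NF == 0 { next }          # skip comments and blank lines
    {
        dir = $1; opts = $2                 # opts is empty when no options given
        sub(/^-/, "", opts)
        ro = 0; acc = 0; root = 0
        n = split(opts, o, ",")
        for (i = 1; i <= n; i++) {
            if (o[i] == "ro")             ro = 1
            else if (o[i] ~ /^access=./)  acc = 1
            else if (o[i] ~ /^root=./)    root = 1
        }
        if (!ro)  print dir ": writable (no ro option)"
        if (!acc) print dir ": no access= list, any client may mount"
        if (root) print dir ": root= grants unmapped root to listed hosts"
    }'
}

# Run against the constructed sample; on a server use: audit_exports < /etc/exports
sample_exports | audit_exports
```

An entry that produces no output is read-only, limited to named clients and keeps root mapped; it is still reachable by anyone who obtains a valid file handle, which is why the post also restricts rpc.mountd through /etc/inetd.sec.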
Victor_5
Trusted Contributor

Re: Secure NFS

Hi David:

You did not answer my question, but you gave me a clearer picture about NFS security, thanks for your professional explanation, so I assigned 7 points to you, really appreciate!