- Community Home
- >
- Servers and Operating Systems
- >
- Operating Systems
- >
- Operating System - HP-UX
- >
- NFS Share User Mountable
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
03-14-2016 09:12 AM
03-14-2016 09:12 AM
NFS Share User Mountable
I got this ACAS scan vulnerability #15984
NFS Share User Mountable
https://www.tenable.com/plugins/index.php?view=single&id=15984
their solution:
configure NFS so that only authorized hosts can mount the remote shares
My /etc/dfs/dfstab reads like this:
share -F nfs -o anon=-1,root=xxxx.xxxxx.xxxxx,rw=xxxx.xxxxx.xxxxx /xyz
I thought that anon=-1 should be enough to fix this problem. I changed anon=0 to anon=-1 , re-exported, but after re-running the scan, the vulnerability returned.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
03-14-2016 11:13 AM
03-14-2016 11:13 AM
Re: NFS Share User Mountable
>I changed anon=0 to anon=-1 , re-exported, but after re-running the scan, the vulnerability returned.
Typically anon is is set to -2, for nobody.
Also, perhaps the scan wants you to limit the ro= users too?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
03-14-2016 01:31 PM
03-14-2016 01:31 PM
Re: NFS Share User Mountable
I will make changes and re-run the scan.