Solved

is it possible to stop nfs shares from reporting any information about the shares

Posted on 2011-09-13
3
297 Views
Last Modified: 2012-06-21
I have two nfs shares between a as400 and 2 linux serves.  The rhel5 serves will answer a query with the ip address shares.  Is there anyway to have the shares run without telling any computer that they are running?

In other words a stealth share that one can use only if he already knows that it is there.

gary
0
Comment
Question by:javagair
  • 2
3 Comments
 
LVL 21

Accepted Solution

by:
Papertrip earned 500 total points
ID: 36532658
You might be able to accomplish this with TCP wrappers.

First, in /etc/hosts.deny, add
portmap: ALL
rpc.mountd: ALL
rpc.rquotad: ALL

Open in new window


Then, in /etc/hosts.allow, add
portmap: your.ip.address or.your.hostname
rpc.mountd:  your.ip.address or.your.hostname
rpc.rquotad: your.ip.address or.your.hostname

Open in new window

like
rpc.mountd:  192.168.1.1
rpc.rquotad: bob.domain.com

Open in new window



Then restart the NFS server.

I'm not sure if this is going to work, I've never come across the need for this before.  If this way doesn't work, then I don't think it's possible.  Perhaps someone else knows more, but try my idea first.
0
 

Author Comment

by:javagair
ID: 36537463
the reason I asked the question is we got written up on a vulnerability report because they could see which ip address where connected to the nfs shares.

gary
0
 

Author Closing Comment

by:javagair
ID: 36545129
I am accepting this as the answer because after reading this I checked linux information on these subjects and the information appears to correct.  I would have liked to wait till the next vulnerability test was run but that is not for 30 days and questions don't stay open that long.

gary
0

Featured Post

Free learning courses: Active Directory Deep Dive

Get a firm grasp on your IT environment when you learn Active Directory best practices with Veeam! Watch all, or choose any amount, of this three-part webinar series to improve your skills. From the basics to virtualization and backup, we got you covered.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

This document is written for Red Hat Enterprise Linux AS release 4 and ORACLE 10g.  Earlier releases can be installed using this document as well however there are some additional steps for packages to be installed see Metalink. Disclaimer: I hav…
The purpose of this article is to show how we can create Linux Mint virtual machine using Oracle Virtual Box. To install Linux Mint we have to download the ISO file from its website i.e. http://www.linuxmint.com. Once you open the link you will see …
Nobody understands Phishing better than an anti-spam company. That’s why we are providing Phishing Awareness Training to our customers. According to a report by Verizon, only 3% of targeted users report malicious emails to management. With compan…

860 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question