Thank you both for your knowledge and suggestions. I have a couple of routes to explore. Thanks!
Posts made by jhorner
RE: Permissions on /images directory
Permissions on /images directory
Hi, I’m working on hardening my Fog server (Ubuntu 14.04) and ran a vulnerability scan with Nessus. The highest severity result was “NFS Share User Mountable” relating to the /images directory that Fog uses. I’m wondering if changing permissions or configuring NFS differently will break Fog. Are there other methods to secure this directory that won’t impact Fog?
I’m assuming these shares are open so that hosts being imaged can access it. What’s the worst that could happen? I’m imagining a scenario where an attacker copies an image, deploys it, and is then able to take their time to enumerate local creds.
Here are the complete scan results:
Description
Some of the NFS shares exported by the remote server could be mounted by the scanning host. An attacker may exploit this problem to gain read (and possibly write) access to files on remote host.
Note that root privileges were not required to mount the remote shares. That is, the source port to mount the shares was bigger than 1024.
Solution
Configure NFS on the remote host so that only authorized hosts can mount the remote shares.
The remote NFS server should prevent mount requests originating from a non-privileged port.
Output
The following NFS shares could be mounted without root privileges :-
/images
- Contents of /images :
- .
- ..
- .mntcheck
- 2035Wonetime
- 2037W
- Win10
- Win10Silver
- Win10Gold
- Win10TestPreSysprep
- dev
- postdownloadscripts
/images/dev
- Contents of /images/dev :
- .
- ..
- .mntcheck
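The Nessus solution boils down to two export settings: which clients may mount (`*` means any host) and whether mounts from non-privileged source ports are accepted (the `insecure` option). The following is an added example, not code from the post or from the FOG project, that parses exports(5)-style lines, flags those two conditions, and prints a hardened version of each entry; the sample lines and the `10.0.0.0/24` imaging subnet are constructed assumptions.

```python
import re
from typing import List, Tuple

# Constructed sample, assumed to resemble an /etc/exports on a FOG server
# (not copied from the forum post or from FOG itself).
SAMPLE_EXPORTS = """\
# FOG image store
/images *(ro,sync,no_wdelay,no_subtree_check,insecure_locks,no_root_squash,insecure,fsid=0)
/images/dev *(rw,async,no_wdelay,no_subtree_check,no_root_squash,insecure,fsid=1)
"""

# One "client(options)" entry; exports(5) allows several per line.
ENTRY_RE = re.compile(r"([^\s(]+)\(([^)]*)\)")

def parse_exports(text: str) -> List[Tuple[str, str, List[str]]]:
    """Return (path, client, options) triples from exports(5)-style text."""
    out = []
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()   # drop comments and blanks
        parts = line.split(None, 1)
        if len(parts) < 2:
            continue
        path, rest = parts
        for client, opts in ENTRY_RE.findall(rest):
            out.append((path, client, [o for o in opts.split(",") if o]))
    return out

def audit_exports(text: str) -> List[str]:
    """Flag the conditions behind the 'NFS Share User Mountable' finding."""
    findings = []
    for path, client, opts in parse_exports(text):
        if client == "*":
            findings.append(f"{path}: exported to any host ('*'); restrict to the imaging subnet")
        if "insecure" in opts:
            findings.append(f"{path}: 'insecure' accepts mounts from ports >1024; drop it to require 'secure'")
        if "rw" in opts and "no_root_squash" in opts:
            findings.append(f"{path}: rw with no_root_squash; remote root writes as root on the server")
    return findings

def harden_line(path: str, client: str, opts: List[str], allowed_net: str = "10.0.0.0/24") -> str:
    """Rewrite one entry: pin the client to allowed_net and drop 'insecure' (assumed subnet)."""
    new_client = allowed_net if client == "*" else client
    new_opts = [o for o in opts if o != "insecure"]
    return f"{path} {new_client}({','.join(new_opts)})"

if __name__ == "__main__":
    for f in audit_exports(SAMPLE_EXPORTS):
        print("FINDING:", f)
    for entry in parse_exports(SAMPLE_EXPORTS):
        print("SUGGESTED:", harden_line(*entry))
```

Because FOG's boot environment mounts these exports during capture and deploy, verify a full capture and deploy after tightening the client list or removing `insecure`, and keep the `rw`/`no_root_squash` finding on `/images/dev` in mind when deciding who may reach that subnet.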