NFS

Network File System

sudo mount 10.10.10.34:/var/nfsshare /mnt

Enumeration

Use nmap scripts

nmap -sV --script=nfs-ls 10.10.10.34

showmount -e 10.10.10.34

cat /etc/exports

Configuration

sync: Ensures all changes are written to disk before the NFS server responds to the client. This is safer but slower.
async: Allows the server to respond before data is written to disk. This improves performance but can lead to data loss if the server crashes.

root_squash: Maps root user requests from clients to the nfsnobody user (or equivalent) on the server, restricting root access.
no_root_squash: Grants root user on the client the same privileges as root on the server. Use with caution, as it can lead to security risks.
all_squash: Maps all client users (including root) to the nfsnobody user (or equivalent) on the server.
no_all_squash: Retains the original UID and GID of non-root users from the client on the server. This is the default.
anonuid=<UID>: Sets the UID of the anonymous user for all_squash or root_squash. Default is 65534 (nfsnobody).
anongid=<GID>: Sets the GID of the anonymous user. Default is 65534.

secure: Requires clients to use a privileged port (below 1024) for communication. This is the default.
insecure: Allows clients to connect from any port, including unprivileged ports (above 1024). Necessary for some client configurations.
no_subtree_check: Disables subtree checking. Recommended for shared directories where the export does not match the actual filesystem hierarchy, as it improves performance.
subtree_check: Enables subtree checking. Verifies that the requested file is within the exported tree. This is the default.

no_wdelay: Prevents the NFS server from delaying writes. Useful when multiple clients write to the same file simultaneously.
wdelay: Causes the server to delay writes slightly to optimize performance when multiple write requests arrive. This is the default.

Last updated 7 months ago