LinuxLists.cc - Re: auto-discovery of exports?

2004-04-08 02:03:02

Subject: Re: auto-discovery of exports?

Guolin Cheng wrote:
>
> Sure, to your own networks, do you want to search all Internet for nfs
> servers? :)
>
> Run a "nmap -sU -p 2049 <your_net_work, like 192.168.0>" to find all nfs
> servers providing services on UDP, similar "nmap -p 2049 <your_net_work,
> like 192.168.0>" to find nfs servers on TCP.

You shouldn't rely on port 2049 for pre-v4 NFS. To enumerate NFS servers
try doing a broadcast RPC of a NULL call to RPC program 100003.

Greg.
--
Greg Banks, R&D Software Engineer, SGI Australian Software Group.
I don't speak for SGI.

-------------------------------------------------------
This SF.Net email is sponsored by: IBM Linux Tutorials
Free Linux tutorial presented by Daniel Robbins, President and CEO of
GenToo technologies. Learn everything from fundamentals to system
administration.http://ads.osdn.com/?ad_id=1470&alloc_id=3638&op=click
_______________________________________________
NFS maillist - [email protected]
https://lists.sourceforge.net/lists/listinfo/nfs

2004-04-08 06:54:17

by Olaf Kirch

[permalink] [raw]

Subject: Re: auto-discovery of exports?

On Thu, Apr 08, 2004 at 12:02:37PM +1000, Greg Banks wrote:
> You shouldn't rely on port 2049 for pre-v4 NFS. To enumerate NFS servers
> try doing a broadcast RPC of a NULL call to RPC program 100003.

No, that won't help. Many portmappers are quite restrictive in what
they forward via PMAP_CALL. NFS and MOUNT calls are not among them for
security reasons (because by bouncing your request off portmap, the NFS
server will see a request from 127.0.0.1 - and may grant you more rights
than you would get ordinarily).

Some portmaps may actually allow calls to the NFS NULL procedure, but
many don't.

Broadcasts to 2049 may not work either if the daemon binds to all interface
addresses rather than INADDR_ANY.

I wrote a tool for enumerating NFS servers a long time back, and found
the only way to go about it is to enumerate all hosts first, then do a
pmap_getport(100005), and then call each mountd i turn.

Alternatively you could set up an SLP directory, and change your nfsd startup
scripts to register all nfsd's via SLP.

Olaf
--
Olaf Kirch | The Hardware Gods hate me.
[email protected] |
---------------+

-------------------------------------------------------
This SF.Net email is sponsored by: IBM Linux Tutorials
Free Linux tutorial presented by Daniel Robbins, President and CEO of
GenToo technologies. Learn everything from fundamentals to system
administration.http://ads.osdn.com/?ad_id=1470&alloc_id=3638&op=click
_______________________________________________
NFS maillist - [email protected]
https://lists.sourceforge.net/lists/listinfo/nfs