MRMCD 2024

Network File System Security
10-06, 13:00–13:50 (Europe/Berlin), C205 - Ocean Starr
Language: Deutsch

The Network File System was developed by Sun and its protocol version 2 was published to the public in 1989. The assumptions about networks date back to the same era. Still, it is widely used in corporate networks or universities. It is a scalable way to implement network shares, especially in Unix/Linux environments it is often used to mount home directories across large IT landscapes. While there are ways to implement encryption and access controls in a (more) secure manner with Kerberos, many enterprises do not. Furthermore, most operators do not understand the security model of the NFS protocol. In this talk we will talk about the security misconceptions of NFS and how to exploit them.

See also: Talk Slides (1.7 MB)

Sergej Schmidt is a senior security consultant at WALLSEC GmbH. He conducts pentests and is regularly involved in detection engineering and SOC automation projects. His non-linear path started more than a dozen years ago at a small consultancy company, then going back to university, only to find himself in large enterprises at the end. While doing his Masters he spent two years with research on automated binary reversing. Most of his career his areas were pentesting of network infrastructures, build systems, web and mobile applications.
Before his current job, he spent multiple years at the defenders' side as an incident responder with a focus on Linux security monitoring and detection engineering.

This speaker also appears in: