From Linuxnetworks
History
In the beginning
In a modern computer environment, easy access to files, even if they are located on different machines, is absolutely necessary. Several companies recognized this in the late eighties and early nineties and tried to implement a suitable solution to this problem. This was long before the word "internet" was as common as it is today. Their protocols and software were optimized for company LANs (local area networks), which was a growing market, and therefore the main demands were speed and easy access.
Changed environments
In such a closed environment, where all clients and servers are controlled by a team of system administrators and users have no privileged access to their workstations, security is not much of an issue. For example, users cannot sniff passwords from the network or read the files transferred to the server, because they have no access to the privileged functions of the operating system that would allow this. Today, when much of the data is transferred over the internet, security is an issue. Anybody who has a computer, internet access and some know-how can read all data transfers that are not encrypted, including those containing sensitive data such as passwords.
Common file sharing protocols
Network File System
In the UNIX environment the "Network File System" (NFS) from SUN is widely used. It is a rather complex protocol because there is an abstraction layer between the computer's file system layer and the actual network protocol. This layer is named "eXternal Data Representation" (XDR) and was mainly introduced for portability reasons. The different layers and the set of programs needed make it rather difficult to implement. In the past, several implementation faults have surfaced that ended with the attacker getting root access to the server.
Furthermore, NFS is built upon the UDP protocol, which is a connectionless protocol, meaning that it is a set of single, unrelated packets instead of a controllable data stream. This implies that an attacker can insert his own packets into the transfer and a (stateful) firewall is not able to filter them out. Then only the server is able to check for attacks, and the administrator has to hope that it is doing its job well. This is every administrator's nightmare.
On the other hand, this is an expensive option for an attacker. There is a very easy way to get the data from the server. Because NFS has no password authentication, it relies on the fact that the client computer knows the same users as the server. If you use your own computer, you usually have root access, so you can create a user with the same uid as on the server and immediately have access to all of that user's data on the server.
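The credential a classic NFS client sends with each call (ONC RPC flavor AUTH_SYS, also called AUTH_UNIX), decoded from its XDR encoding, as an added example that is not part of the original page: every field, including the uid, is a plain integer or string supplied by the client, with no password or signature. The layout follows RFC 5531; the sample bytes and the host name workstation7 are constructed.

```python
import struct

AUTH_SYS = 1  # ONC RPC credential flavor number (RFC 5531)

class XdrReader:
    """Minimal XDR reader: big-endian 4-byte units, opaques padded to 4."""
    def __init__(self, buf):
        self.buf, self.pos = buf, 0

    def uint(self):
        if self.pos + 4 > len(self.buf):
            raise ValueError("truncated XDR data")
        (value,) = struct.unpack_from(">I", self.buf, self.pos)
        self.pos += 4
        return value

    def opaque(self, limit):
        n = self.uint()
        end = self.pos + n
        if n > limit or end > len(self.buf):
            raise ValueError("bad opaque length")
        data = self.buf[self.pos:end]
        self.pos = end + (-n % 4)  # skip padding up to the next 4-byte boundary
        return data

def decode_auth_sys(cred):
    """Decode an opaque_auth of flavor AUTH_SYS into its client-asserted fields."""
    outer = XdrReader(cred)
    if outer.uint() != AUTH_SYS:
        raise ValueError("not an AUTH_SYS credential")
    r = XdrReader(outer.opaque(400))
    stamp = r.uint()
    machine = r.opaque(255).decode("ascii", "replace")
    uid, gid = r.uint(), r.uint()
    count = r.uint()
    if count > 16:
        raise ValueError("more than 16 supplementary gids")
    gids = [r.uint() for _ in range(count)]
    if r.pos != len(r.buf):
        raise ValueError("trailing bytes in credential body")
    return {"stamp": stamp, "machine": machine, "uid": uid, "gid": gid, "gids": gids}

# Constructed sample credential (not captured traffic): host "workstation7", uid 1000.
SAMPLE = bytes.fromhex(
    "00000001" "00000028" "5f000000" "0000000c" "776f726b73746174696f6e37"
    "000003e8" "000003e8" "00000002" "000003e8" "0000001b")

if __name__ == "__main__":
    # Every field printed here was chosen by the client; nothing proves the uid.
    print(decode_auth_sys(SAMPLE))
```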
Microsoft SMB
Under the Windows operating system, a protocol called "Service Message Block" (SMB), also named CIFS, is very common. Its creators intended it as a simple way to transfer files between two computers over a parallel printer cable. The product was named "LanManager" and was used on DOS and Windows 3.0 before the company was bought by Microsoft and the product was integrated into Windows for Workgroups 3.11.
Since then, Microsoft has made several enhancements to the protocol, but at the core it is the same. Like NFS, SMB relies on UDP, with the same drawbacks. Unlike NFS, SMB shares may be password protected, and since Windows 98 a hash of the password is transferred instead of the clear text password. But this does not increase security at all, because the hash is clear text equivalent. If you have the hash, it is as good as the password itself.

