📔
Defense
  • Defense
  • Getting Started
    • Introductory Networking
      • Introduction
      • The OSI Model: An Overview
        • Answers
      • Encapsulation
        • Answers
      • The TCP/IP Model
        • Answers
      • Wireshark
        • Answers
      • Networking Tools - Ping
        • Answers
      • Networking Tools - Traceroute
        • Answers
      • Networking Tools - WHOIS
        • Answers
      • Networking Tools Dig
        • Answers
      • Further Reading
    • Network Services
      • Understanding SMB
        • Answers
      • Enumerating SMB
        • Answers
        • Untitled
      • Exploiting SMB
        • Answers
        • Untitled
      • Understanding Telnet
        • Answers
      • Enumerating Telnet
        • Answers
        • Untitled
      • Exploiting Telnet
        • Answers
        • Untitled
      • Understanding FTP
        • Answers
      • Enumerating FTP
        • Answers
        • Untitled
      • Exploiting FTP
        • Answers
        • Untitled
      • Expanding Your Knowledge
    • Network Services 2
      • Understanding NFS
        • Answers
      • Enumerating NFS
        • Answers
        • Untitled
      • Exploiting NFS
        • Answers
        • Untitled
      • Understanding SMTP
        • Answers
      • Enumerating SMTP
        • Answers
        • Untitled
      • Exploiting SMTP
        • Answers
        • Untitled
      • Understanding MYSQL
        • Answers
      • Enumerating MYSQL
        • Answers
        • Untitled
      • Exploiting MYSQL
        • Answers
        • Untitled
      • Further Learning
    • Wireshark 101
      • Introduction
      • Installation
      • Wireshark Overview
      • Collection Methods
      • Filtering Packets
      • Packet Dissection
      • ARP Traffic
        • Answers
      • ICMP Overview
        • Answers
      • TCP Traffic
      • DNS Traffic
        • Answers
      • HTTP Traffic
        • Answers
      • HTTPS Traffic
        • Answers
      • Analyzing Exploit PCAPS
      • Conclusion
    • !Intro to Windows
    • Active Directory Basics
      • Introduction
      • Physical Active Directory
        • Answers
      • The Forest
        • Answers
      • Users + Groups
        • Answers
      • Trusts + Policies
        • Answers
      • Active Directory Domain Services + Authentication
        • Answers
      • AD in the Cloud
        • Answers
      • Hands-On Lab
        • Answers
        • Untitled
      • Conclusion
    • !Windows Core Processes
    • !SysInternals
  • Threat and Vulnerability Management
    • !Nessus
      • Introduction
      • Installation
      • !Navigation and Scans
        • Answers
      • !Scanning
      • !Scanning a Web Application
    • MITRE
      • Introduction to Mitre
      • Basic Terminology
      • ATT&CK Framework
        • Answers
      • CAR Knowledge Base
        • Answers
      • Shield Active Defense
        • Answers
      • ATT&CK EmulationPlans
        • Answers
      • ATT&CK® and Threat Intelligence
        • Answers
      • Conclusion
    • Yara
      • Introduction
      • What is Yara?
        • Answers
      • Installing Yara (Ubuntu/Debian & Windows)
      • Deploy
      • Introduction to Yara Rules
      • Expanding on Yara Rules
      • Yara Modules
      • Other Tools and Yara
      • Using LOKI and its Yara rule set
        • Answers
        • Untitled
      • Creating Yara rules with yarGen
        • Answers
        • Untitled
      • Valhalla
        • Answers
      • Conclusion
    • Intro to ISAC
      • Introduction
      • Basic Terminology
      • What is Threat Intelligence?
      • What are ISACs?
      • Using Threat Connect to create a Threat Intel dashboard
      • Introduction to AlienVault OTX
      • Using OTX to gather Threat Intelligence
      • Creating IOCs
      • Investigating IOCs
        • Answers
    • Zero Logon
      • The Zero Day Angle
      • Impacket Installation
      • The Proof of Concept
        • Answers
      • Lab it up!
        • Answers
        • Untitled
    • !OpenVAS
    • !MISP
  • Security Operations and Monitoring
    • Splunk
    • Windows Event Logs
    • Sysmon
    • Suricata
    • Osquery
    • Graylog
    • OpenEDR
  • Threat Emulation
    • Attacktive Directory
    • Attacking Kerberos
    • Atomic Red Team
  • Incident Response and Forensics
    • Volatility
    • Forensics
    • Investigating Windows
    • Windows Forensics
    • Redline
    • Autopsy
  • Malware Analysis and Reverse Engineering
    • History of Malware
    • Malware Introductory
    • Researching
    • Strings
    • Basic Malware RE
    • REMnux: The Redux
    • Reversing .NET Apps
Powered by GitBook
On this page

Was this helpful?

  1. Getting Started
  2. Network Services 2

Understanding NFS

PreviousNetwork Services 2NextAnswers

Last updated 4 years ago

Was this helpful?

What is NFS?

NFS stands for "Network File System" and allows a system to share directories and files with others over a network. By using NFS, users and programs can access files on remote systems almost as if they were local files. It does this by mounting all, or a portion of a file system on a server. The portion of the file system that is mounted can be accessed by clients with whatever privileges are assigned to each file.

How does NFS work?

Computer network - Vector stencils library | Computers ...

We don't need to understand the technical exchange in too much detail to be able to exploit NFS effectively- however if this is something that interests you, I would recommend this resource: https://docs.oracle.com/cd/E19683-01/816-4882/6mb2ipq7l/index.html

First, the client will request to mount a directory from a remote host on a local directory just the same way it can mount a physical device. The mount service will then act to connect to the relevant mount daemon using RPC.

The server checks if the user has permission to mount whatever directory has been requested. It will then return a file handle which uniquely identifies each file and directory that is on the server.

If someone wants to access a file using NFS, an RPC call is placed to NFSD (the NFS daemon) on the server. This call takes parameters such as:

  • The file handle

  • The name of the file to be accessed

  • The user's, user ID

  • The user's group ID

These are used in determining access rights to the specified file. This is what controls user permissions, I.E read and write of files.

What runs NFS?

Using the NFS protocol, you can transfer files between computers running Windows and other non-Windows operating systems, such as Linux, MacOS or UNIX.

A computer running Windows Server can act as an NFS file server for other non-Windows client computers. Likewise, NFS allows a Windows-based computer running Windows Server to access files stored on a non-Windows NFS server.

More Information:

Here are some resources that explain the technical implementation, and working of, NFS in more detail than I have covered here.

https://www.datto.com/library/what-is-nfs-file-share

http://nfs.sourceforge.net/

https://wiki.archlinux.org/index.php/NFS

What does NFS stand for?

What process allows an NFS client to interact with a remote directory as though it was a physical device?

What does NFS use to represent files and directories on the server?

What protocol does NFS use to communicate between the server and client?

What two pieces of user data does the NFS server take as parameters for controlling user permissions? Format: parameter 1 / parameter 2

Can a Windows NFS server share files with a Linux client? (Y/N)

Can a Linux NFS server share files with a MacOS client? (Y/N)

What is the latest version of NFS? [released in 2016, but is still up to date as of 2020] This will require external research.