Setting
up an NFS server : /etc/hosts.allow
and /etc/hosts.deny
In
addition to controlling access to services handled by inetd
(such as telnet and FTP), this file can also control access to NFS by
restricting connections to the daemons that provide NFS services.
Restrictions
are done on a per-service basis.
The
first daemon to restrict access to is the portmapper.
This daemon essentially just tells
requesting clients how to find all the NFS services on the system.
Restricting access to the portmapper is the best
defense against
someone breaking into your system through NFS because completely
unauthorized clients won't know where to find the NFS daemons.