GEN:SID | 1:1504 |
Message | MISC AFS access |
Summary | This event is generated when an attempt is made to access AFS from a source outside the protected network.
|
Impact | Serious. Unauthorized file access.
|
Detailed Information | The Andrew File System (AFS) is a popular networked file system much like NFS, it is often used in the enterprise or by educational institutions.
AFS utilises an Access Control List (ACL) to determine which hosts or networks are allowed to connect to the resources in the system. Misconfigured ACLs may allow an attacker to gain critical information.
|
Affected Systems | |
Attack Scenarios | Badly configured ACL's allow an attacker that has access to the AFS service to read critical files and even upload files.
|
Ease of Attack | Simple. No exploit code is needed.
|
Corrective Action | Use a packet filtering firewall to prevent unknown hosts from accessing the AFS service
|
Additional References | |
Rule References | nessus: 10441
|