Fibre Channel (SAN)

Reply
Contributor
Posts: 20
Registered: ‎04-21-2014

NFS Filesystems option Brocade FC switch

Hi Guys,

Is NFS Filesystem option available in Brocade FC switch with FOS 6.4.3e? If yes,

May i know how to enable and disable it?

I have checked in Admin guide and CLI guide but no info found with respect to NFS.

 

Regards,
Niklesh Reddy

Contributor
Posts: 26
Registered: ‎09-11-2012

Re: NFS Filesystems option Brocade FC switch

I'm not sure what you're looking for here. NFS is a NAS protocol, these are Fibre Channel switches. Are you looking for some way to transfer files from the switch?

Contributor
Posts: 20
Registered: ‎04-21-2014

Re: NFS Filesystems option Brocade FC switch

Our customer ran IP360 for scan and the vulnerability was reported on all the brocade switches.

See description below:
-------------------------------------

Vulnerablity Description
VULNDESC-1528
IP360: Vulnerability 3812 Exported NFS Filesystems
Type: VulnDesc
Source:IP360
Vulnerability ID:3812
Vulnerability Name: Exported NFS Filesystems
Advisory: nCircle CVSS Base Score: 8.8
Risk: Remote Privileged

Regards,
Niklesh Reddy

 

Contributor
Posts: 20
Registered: ‎04-21-2014

Re: NFS Filesystems option Brocade FC switch

So customer wants to disable it... is it possible to disable NFS on the FC switch?

Even i have not seen NFS on FC switch...Checking out if any one has seen it. and anyone knows about this issue..

Regards,
Niklesh Reddy

Valued Contributor
Posts: 931
Registered: ‎12-30-2009

Re: NFS Filesystems option Brocade FC switch

NFS is not an option which you can en/disable, file delivery (firmware) is either FTP/USB AFAICR.

personaly I've never come across a FC switch with an NFS deamon running.

An nmap/netstat/rpcinfo against my 6.2.0g hasn't marked the default udp/tcp 2049 for NFS as open.

 

That said you can use the ipfilter rules to block anything

You can even lock yourself out of your switch, so be carefull and make sure you have a working serial connection in the event you locked yourself out.

 

But before you block the port, make sure no other services are using that port which are vital to its workings by confirming the IP360 findings.

Contributor
Posts: 20
Registered: ‎04-21-2014

Re: NFS Filesystems option Brocade FC switch

Hi,

Thank you for reply,

I got it that .. we cant disable/enable the NFS on FC switch..

One more question...

Are FC switches NFS vulnerable at FOS 6.4.3e ?

Regards,
Niklesh Reddy

 

 

 

Valued Contributor
Posts: 931
Registered: ‎12-30-2009

Re: NFS Filesystems option Brocade FC switch

Clarifying my last post first alinea; there should be no NFS deamon (running) on your switch.

 

Ask whomever marked the security issue to give more details on how the alert was raised in the first place, perhaps its a false positive.

 

So NO would be the answer to "Are FC switches NFS vulnerable at FOS 6.4.3e ?" as there (should be) no NFS deamon.

Contributor
Posts: 20
Registered: ‎04-21-2014

Re: NFS Filesystems option Brocade FC switch

Hi,

I will check and update .

Regards,
Niklesh Reddy

New Member
Posts: 1
Registered: ‎04-25-2014

Re: NFS Filesystems option Brocade FC switch

Hi.

 

We are running 6.4.3d on a few varieties of switches and this vulnerability just popped up a few weeks ago from our security team as well.  I haven't had time to look much into it yet, but I suspect Support will say "Upgrade your firmware before we'll help you at all"...

 

I'll try to get more details from our Security team.

 

Cheers

R

Join the Community

Get quick and easy access to valuable resource designed to help you manage your Brocade Network.