Help

Block/disable NFS client

r_stiffler
New Contributor

Posted on ‎06-25-2019 01:09 PM - last edited a month ago by Community Manager

With the recent news of a Gatekeep bypass bug utilizing NFS to get a shell on a remote system, we are looking to block all client NFS communications on our systems till Apple patches the vulnerability.

We been looking all day for a way to block the NFS client but so far come up with nothing.

Anyone else have any ideas on this?

https://thehackernews.com/2019/06/macos-malware-gatekeeper.html?utm_source=feedburner&utm_medium=fee...

Labels:
0 Kudos
Reply
1 REPLY 1

sdagley
Esteemed Contributor II

Posted on ‎06-25-2019 01:22 PM

@r.stiffler If you look at Filippo Cavallarin's post on the subject at https://www.fcvl.net/vulnerabilities/macosx-gatekeeper-bypass he suggests editing /etc/auto_master to disable this behavior for now. Let's hope Apple fixes it soon as that file is covered by SIP under Catalina.

0 Kudos
Reply