Service:
Protocol:
TCP/UDPPort:
892Used for:
NFS mount daemon serviceWhy It’s Open
Port 892 is used for the NFS Mount Daemon (MOUNTD), a critical component of Network File System (NFS) services. The mount daemon handles file system mount requests from NFS clients, authenticating clients and providing them with file handles for accessing exported file systems. Operating over both TCP and UDP protocols, MOUNTD is essential for NFS functionality in Unix/Linux environments. Organizations use this service to enable distributed file sharing across networks, allowing multiple systems to access shared storage resources. In enterprise environments, this port is often found on file servers, NAS devices, and storage appliances that provide centralized file system access.
Common Risks
- Insecure access controls
Improper NFS export configurations may allow unauthorized file access - Authentication bypass
Weak or misconfigured MOUNTD authentication mechanisms can be exploited - Directory traversal
Path manipulation attacks may access files outside the intended export - Information disclosure
Exported file systems may contain sensitive data or configuration files - Remote code execution
Buffer overflow vulnerabilities in MOUNTD implementations can lead to RCE - NFS export mapping
Attackers can enumerate available exports and mount points - Man-in-the-middle attacks
Unencrypted NFS traffic can be intercepted or modified - Denial of service
MOUNTD service can be overwhelmed with malformed mount requests
Want to save time on reporting?
Let PentestPad generate, track, and export your reports - automatically.
Enumeration & Testing
Basic Service Detection
nmap -sV -p 892 target_ipnmap -sU -p 892 target_ipNFS Mount Daemon Enumeration
# Show exports and mount pointsshowmount -e target_ip
# Check RPC servicesrpcinfo -p target_ip | grep mountnmap --script=rpc-grind target_ip -p 892Mount Testing
# Create mount pointmkdir /tmp/nfs_mount
# Try to mount an exportmount -t nfs target_ip:/export /tmp/nfs_mount
# Test for insecure permissionsls -la /tmp/nfs_mount/Security Testing
nmap --script nfs* -p 892 target_ipWhat to Look For
| Checkpoint | What it means |
|---|---|
| Available exports | Identify what file systems are being exported |
| Export permissions | Check for insecure options like no_root_squash |
| Authentication mechanisms | Verify if AUTH_SYS, Kerberos, or other auth is used |
| File permissions | Test write access to mounted file systems |
| User/group mapping | Check how remote user IDs are mapped to local users |
| Network restrictions | Verify if exports are restricted to specific IP ranges |
Mitigation
- Restrict exports
Use the “ro” option in exports file to make shares read-only where possible - Implement firewall rules
Limit access to port 892 to only trusted IP addresses - Use secure authentication
Configure Kerberos instead of AUTH_SYS when possible - Apply access controls
Configure the exports file with proper host restrictions - Keep NFS updated
Apply security patches to NFS server and related services - Monitor mount requests
Implement logging and alerting for unauthorized mount attempts
TL;DR
- Port 892 = Mount Daemon service
- Protocol: TCP/UDP
- Used for: NFS mount daemon service
- Security focus: Proper configuration and monitoring required
Real World Example
In 2018, security researchers discovered NFS servers with port 892 (mountd) publicly exposed on the internet. Attackers exploited improperly configured exports to gain access to sensitive file systems. By sending crafted RPC requests to the mountd service, they were able to map UIDs/GIDs across systems and access files with elevated privileges. The incident affected multiple organizations that had failed to restrict mountd access to trusted networks only.
Known CVEs and Exploits
- CVE-2017-16539 – Linux kernel NFS mount vulnerability allowing privilege escalation
- CVE-2019-3689 – NFS mount daemon buffer overflow vulnerability
- Mount point manipulation – Unauthorized file system mounting and access
- Directory traversal attacks – Path manipulation to access restricted file systems