|We would like to disable the network file systems NFS (Network File System, common to most Unix variants) and SMB (Samba, which comes with most Linux distributions). We strongly recommend that you disable both of these. NFS has a history of major security vulnerabilities; Samba is slightly better, but it is still a shared file system and still raises potentially severe security concerns. Both services use clear-text, meaning that any data transferred can be monitored by anyone else on your network (even if you use a switching router, as switches were designed for performance, not security). Transferred data includes file handles, which can then be used to modify files.
These services are safer if you can set your firewall to block packets for either of them from entering or leaving your network, but it's probably best to deactivate them until you can investigate whether or not you need them and how to best secure them.|