Skip site navigation (1)Skip section navigation (2)
Date:      Wed, 12 Sep 2001 15:04:36 -0500
From:      Jim Bryant <kc5vdj@yahoo.com>
To:        "David W. Chapman Jr." <dwcjr@inethouston.net>
Cc:        "P. U. (Uli) Kruppa" <root@pukruppa.de>, freebsd-questions@FreeBSD.ORG
Subject:   Re: anonymous-ftp cracked
Message-ID:  <3B9FBFD4.9040602@yahoo.com>
References:  <20010912174347.Q1009-100000@pukruppa.de> <3B9FA363.3020308@yahoo.com> <20010912150106.C57316@leviathan.inethouston.net>

next in thread | previous in thread | raw e-mail | index | archive | help
David W. Chapman Jr. wrote:

> On Wed, Sep 12, 2001 at 01:03:15PM -0500, Jim Bryant wrote:
> 
>>This doesn't indicate that you were cracked if it was anonymous FTP.
>>
>>You may have been scanned for open ports, and it appears that they took 
>>advantage of your FTP being open.
>>
>>Set up logging via the inetd.conf line (man ftpd for options).  Then you can 
>>at least use ipf or ipfw to ban the domains that were involved.
>>
>>
> 
> That will stop them from that site, but you'll end up banning most 
> major isp's.  I constantly have these directories and the only way I 
> could stop it was denying read access to incoming folder.  Dump sites 
> aren't any use to warez traffic'ers if nobody can download from them.


Agreed.  The only cure is to completely disable anonymous FTP or to at least deny write access..

If he only shares with a few friends, maybe passwording the 'ftp' account could be enough.


jim
-- 
     ET has one helluva sense of humor!
He's always anal-probing right-wing schizos!
--------------------------------------------
           POWER TO THE PEOPLE!


_________________________________________________________
Do You Yahoo!?
Get your free @yahoo.com address at http://mail.yahoo.com


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message




Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3B9FBFD4.9040602>