From owner-freebsd-questions Wed Sep 12 13: 4:41 2001 Delivered-To: freebsd-questions@freebsd.org Received: from smtp011.mail.yahoo.com (smtp011.mail.yahoo.com [216.136.173.31]) by hub.freebsd.org (Postfix) with SMTP id 9D63137B403 for ; Wed, 12 Sep 2001 13:04:37 -0700 (PDT) Received: from mkc-65-31-219-45.kc.rr.com (HELO yahoo.com) (65.31.219.45) by smtp.mail.vip.sc5.yahoo.com with SMTP; 12 Sep 2001 20:04:37 -0000 X-Apparently-From: Message-ID: <3B9FBFD4.9040602@yahoo.com> Date: Wed, 12 Sep 2001 15:04:36 -0500 From: Jim Bryant Reply-To: kc5vdj@yahoo.com User-Agent: Mozilla/5.0 (X11; U; Linux i386; en-US; rv:0.9.2) Gecko/20010726 Netscape6/6.1 X-Accept-Language: en-us MIME-Version: 1.0 To: "David W. Chapman Jr." Cc: "P. U. (Uli) Kruppa" , freebsd-questions@FreeBSD.ORG Subject: Re: anonymous-ftp cracked References: <20010912174347.Q1009-100000@pukruppa.de> <3B9FA363.3020308@yahoo.com> <20010912150106.C57316@leviathan.inethouston.net> Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG David W. Chapman Jr. wrote: > On Wed, Sep 12, 2001 at 01:03:15PM -0500, Jim Bryant wrote: > >>This doesn't indicate that you were cracked if it was anonymous FTP. >> >>You may have been scanned for open ports, and it appears that they took >>advantage of your FTP being open. >> >>Set up logging via the inetd.conf line (man ftpd for options). Then you can >>at least use ipf or ipfw to ban the domains that were involved. >> >> > > That will stop them from that site, but you'll end up banning most > major isp's. I constantly have these directories and the only way I > could stop it was denying read access to incoming folder. Dump sites > aren't any use to warez traffic'ers if nobody can download from them. Agreed. The only cure is to completely disable anonymous FTP or to at least deny write access.. If he only shares with a few friends, maybe passwording the 'ftp' account could be enough. jim -- ET has one helluva sense of humor! He's always anal-probing right-wing schizos! -------------------------------------------- POWER TO THE PEOPLE! _________________________________________________________ Do You Yahoo!? Get your free @yahoo.com address at http://mail.yahoo.com To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message