Skip site navigation (1)Skip section navigation (2) 
Date:      Wed, 12 Sep 2001 21:28:07 -0700
From:      "Ted Mittelstaedt" <tedm@toybox.placo.com>
To:        "Giorgos Keramidas" <charon@labs.gr>, "P. U. (Uli) Kruppa" <root@pukruppa.de>
Cc:        <current@FreeBSD.ORG>, <freebsd-questions@FreeBSD.ORG>
Subject:   RE: anonymous-ftp cracked
Message-ID:  <001501c13c0c$7d077780$1401a8c0@tedm.placo.com>
In-Reply-To: <20010912211632.A65756@hades.hell.gr>
next in thread | previous in thread | raw e-mail | index | archive | help 
>-----Original Message-----
>From: owner-freebsd-questions@FreeBSD.ORG
>[mailto:owner-freebsd-questions@FreeBSD.ORG]On Behalf Of Giorgos
>Keramidas
>
>Another common thing done in writable incoming/ directories is to create a
>file of fixed size, say 100 Mb, and use vnconfig to mount this file as the
>incoming/ directory of an FTP server.  Then there's only about 100 Mb of
>space available in your incoming/ and nobody can store tons of data in there,
>wasting your disk space until disks are full.
>

Hi Uli and Giorgos,

  I've had a bit of experience with this sort of thing and I have to say that
nobody should be running an open FTP server that allows uploading to anyone
unless they are willing to take the time to monitor it - and I mean every
day, preferably several times a day.

100MB is plenty of space for some jerk to upload his collection
of Sally SpreadEagle in all her silicon glory.  If that happens
your going to find every bit of outbound bandwidth you have completely
saturated.  If your unlucky enough to have your FTP server at an
ISP you may find yourself fined heavily  (ie: overage charges)

  Some people have a little script that runs out of cron and diffs the
output of ls against the previous run and e-mails the maintainer when new
files show up, others simply check by eye.  Whatever works for you is fine,
but don't think that you can just put out public storage for anyone to use
as they see fit and just ignore it anymore.


Ted Mittelstaedt                                       tedm@toybox.placo.com
Author of:                           The FreeBSD Corporate Networker's Guide
Book website:                          http://www.freebsd-corp-net-guide.com



To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?001501c13c0c$7d077780$1401a8c0>