Date:      Thu, 13 Sep 2001 09:38:43 -0500
From:      jacks@sage-american.com
To:        "Barry Byrne" <bb@wbtsystems.com>
Cc:        <freebsd-questions@FreeBSD.ORG>
Subject:   RE: anonymous-ftp cracked
Message-ID:  <3.0.5.32.20010913093843.011559f8@mail.sage-american.com>
In-Reply-To: <NCBBIAMNAKDKFJIIGNPKMEGAGAAA.bb@wbtsystems.com>
References:  <3.0.5.32.20010913090817.011559f8@mail.sage-american.com>

Thanks for all of the further helpful responses... I should have added the
details that the incoming permissions are just for uploads only... no
downloads or viewable files allowed by the directory. Yet, monitoring is
still a good idea.

About other modes, forms, etc., although many submissions come from
technically-oriented folks from around the world, that Tech ability doesn't
necessarily include computers and I have to keep it simple. Submissions
also contain a mix of text and graphics, so any type of form won't work. The
uploaders come without notice, except afterwards via email to let us know
they have submitted an article....

So, the bandits won't find our FTP directory very useful....

Any more tips would be welcome.....

At 03:27 PM 9.13.2001 +0100, Barry Byrne wrote:
>Jack:
>
>I too need to maintain an incoming directory on a couple of servers. The
>trick of making the directory unreadable really works. I still get probed on
>a daily basis (perhaps from two or three different IPs) but they all seem to
>do a small test transfer followed by an attempt to download; once it fails
>they go away. I run a small script every 15 minutes to move any recent
>uploads to an internally accessible directory for our users. It only takes
>one night with a readable/writable ftp server to be filled with warez/etc.
>
>Cheers,
>
>Barry
>
>--
>Barry Byrne, IT Manager,
>WBT Systems, Block 2, Harcourt Centre
>Harcourt Street, Dublin 2, Ireland
>
>Phone:  +353 1 417 0150
>Fax:    +353 1 478 5544
>Email:  barry.byrne@wbtsystems.com
>Web:    www.wbtsystems.com
>
>> -----Original Message-----
>> From: owner-freebsd-questions@FreeBSD.ORG
>> [mailto:owner-freebsd-questions@FreeBSD.ORG]On Behalf Of
>> jacks@sage-american.com
>> Sent: 13 September 2001 15:08
>> To: Ted Mittelstaedt; Giorgos Keramidas; P. U. (Uli) Kruppa
>> Cc: current@FreeBSD.ORG; freebsd-questions@FreeBSD.ORG
>> Subject: RE: anonymous-ftp cracked
>>
>>
>> Ted: I've been watching this one because I've HAD to allow uploads to
>> incoming because of a need for such a place for article submissions from our
>> Tech mag website from 175+ countries.
>>
>> Your tips for monitoring (like the script for a daily listing of the
>> directory) are so simple and obvious it put a smile on my face.
>> Thanks! LUV this list!
>>
>> At 09:28 PM 9.12.2001 -0700, Ted Mittelstaedt wrote:
>> >>-----Original Message-----
>> >>From: owner-freebsd-questions@FreeBSD.ORG
>> >>[mailto:owner-freebsd-questions@FreeBSD.ORG]On Behalf Of Giorgos
>> >>Keramidas
>> >>
>> >>Another common thing done in writable incoming/ directories is to create a
>> >>file of fixed size, say 100 Mb, and use vnconfig to mount this file as the
>> >>incoming/ directory of an FTP server.  Then there's only about 100 Mb of
>> >>space available in your incoming/ and nobody can store tons of data in there,
>> >>wasting your disk space until disks are full.
>> >>
>> >
>> >Hi Uli and Giorgos,
>> >
>> >  I've had a bit of experience with this sort of thing and I have to say that
>> >nobody should be running an open FTP server that allows uploading to anyone
>> >unless they are willing to take the time to monitor it - and I mean every
>> >day, preferably several times a day.
>> >
>> >100MB is plenty of space for some jerk to upload his collection
>> >of Sally SpreadEagle in all her silicon glory.  If that happens
>> >you're going to find every bit of outbound bandwidth you have completely
>> >saturated.  If you're unlucky enough to have your FTP server at an
>> >ISP you may find yourself fined heavily (ie: overage charges)
>> >
>> >  Some people have a little script that runs out of cron and diffs the
>> >output of ls against the previous run and e-mails the maintainer when new
>> >files show up, others simply check by eye.  Whatever works for you is fine,
>> >but don't think that you can just put out public storage for anyone to use
>> >as they see fit and just ignore it anymore.
>> >
>> >
>> >Ted Mittelstaedt                     tedm@toybox.placo.com
>> >Author of:                           The FreeBSD Corporate Networker's Guide
>> >Book website:                        http://www.freebsd-corp-net-guide.com
>> >
>> >
>> >
>> >To Unsubscribe: send mail to majordomo@FreeBSD.org
>> >with "unsubscribe freebsd-questions" in the body of the message
>> >
>> >
>>
>> Best regards,
>> Jack L. Stone,
>> Server Admin
>>
>> Sage-American
>> http://www.sage-american.com
>> jacks@sage-american.com
>>
>>
>
>
>

Best regards,
Jack L. Stone,
Server Admin

Sage-American
http://www.sage-american.com
jacks@sage-american.com

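The controls discussed across this thread (an unreadable upload-only incoming/ directory, a cron job that diffs a listing against the previous run and e-mails the maintainer, and Barry's periodic move of settled uploads into an internal directory) can be combined in one small script. The script below is an added example written for this archive page; it is not code from any of the posters. The paths, the 15-minute settle window, the report subject and the NOTIFY_CMD override are assumptions chosen for illustration, and chown of the directory to root:ftp is left to the operator. It does not implement the vnconfig-backed fixed-size file Giorgos mentions, which is a separate, disk-level cap.

```shell
#!/bin/sh
# Added example (not from the thread): a cron-driven watcher for an
# upload-only anonymous-FTP incoming/ directory. It makes the directory
# unreadable, diffs a listing against the previous run, mails the
# maintainer about new entries, and moves settled uploads to an internal
# directory. All paths below are assumptions for illustration.

INCOMING="${INCOMING:-/var/ftp/incoming}"    # assumed anonymous upload dir
INTERNAL="${INTERNAL:-/var/ftp-internal}"    # assumed staff-only destination
STATE="${STATE:-/var/db/ftp-incoming.last}"  # listing saved by the previous run
ADMIN="${ADMIN:-root}"                       # who receives the report
SETTLE_MIN="${SETTLE_MIN:-15}"               # leave newer files (uploads in progress) alone

# Upload-only directory: writable and searchable but not listable (mode 1733),
# so a probe's "test upload then download" fails at the download step.
harden_incoming() {
    mkdir -p "$1" && chmod 1733 "$1"
}

# One "size<TAB>name" line per entry, hidden names included (drops often use
# dot-prefixed directories). Sorted in the C locale so the diff is stable.
listing() {
    for f in "$1"/* "$1"/.[!.]* "$1"/..?*; do
        [ -e "$f" ] || [ -L "$f" ] || continue
        if [ -d "$f" ]; then
            size=dir
        else
            size=$(wc -c < "$f" 2>/dev/null | tr -d ' ')
            [ -n "$size" ] || size='?'
        fi
        printf '%s\t%s\n' "$size" "${f##*/}"
    done | LC_ALL=C sort
}

# Print entries that were not present last run, then save the current
# listing as the new baseline ("diff the listing against the previous run").
new_entries() {
    dir=$1 state=$2
    [ -f "$state" ] || : > "$state"
    tmp=$(mktemp) || return 1
    listing "$dir" > "$tmp"
    diff "$state" "$tmp" | sed -n 's/^> //p'
    mv "$tmp" "$state"
}

# Move entries untouched for more than $3 minutes out of the anonymous tree,
# so nothing sits there long enough to be retrievable if a permission slips.
move_settled() {
    find "$1" -mindepth 1 -maxdepth 1 -mmin "+$3" -exec mv -f {} "$2"/ \;
}

# One cron cycle: report, then sweep. NOTIFY_CMD replaces mail(1) for testing.
run_cycle() {
    new=$(new_entries "$INCOMING" "$STATE") || return 1
    if [ -n "$new" ]; then
        printf 'New entries in %s:\n%s\n' "$INCOMING" "$new" \
            | ${NOTIFY_CMD:-mail -s ftp-incoming-report $ADMIN}
    fi
    mkdir -p "$INTERNAL"
    move_settled "$INCOMING" "$INTERNAL" "$SETTLE_MIN"
}

# Assumed crontab entry, every 15 minutes as Barry describes:
# */15 * * * * /usr/local/sbin/ftp-incoming-watch.sh run
case "${1:-}" in
    run) run_cycle ;;
esac
```

Run it as root from cron with the `run` argument; a listing rather than `ls -l` output is diffed so that the mtime column does not produce spurious changes, and the settle window keeps a half-finished upload from being moved mid-transfer.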