From owner-freebsd-questions  Thu Sep 13  8:13:37 2001
Delivered-To: freebsd-questions@freebsd.org
Received: from perninha.conectiva.com.br (perninha.conectiva.com.br [200.250.58.156])
	by hub.freebsd.org (Postfix) with ESMTP id 94AEC37B401
	for <freebsd-questions@FreeBSD.ORG>; Thu, 13 Sep 2001 08:13:28 -0700 (PDT)
Received: from burns.conectiva (burns.conectiva [10.0.0.4])
	by perninha.conectiva.com.br (Postfix) with SMTP id 3081538CB8
	for <freebsd-questions@FreeBSD.ORG>; Thu, 13 Sep 2001 12:13:23 -0300 (EST)
Received: (qmail 10610 invoked by uid 0); 13 Sep 2001 15:11:04 -0000
Received: from duckman.distro.conectiva (root@10.0.17.2)
  by burns.conectiva with SMTP; 13 Sep 2001 15:11:04 -0000
Received: (from localhost user: 'riel', uid#500) by duckman.distro.conectiva
	with ESMTP id <S76046AbRIMPNI>; Thu, 13 Sep 2001 12:13:08 -0300
Date:	Thu, 13 Sep 2001 12:13:08 -0300 (BRST)
From: Rik van Riel <riel@conectiva.com.br>
X-X-Sender:  <riel@duckman.distro.conectiva>
To: Ted Mittelstaedt <tedm@toybox.placo.com>
Cc: Giorgos Keramidas <charon@labs.gr>,
	"P. U. (Uli) Kruppa" <root@pukruppa.de>, <current@FreeBSD.ORG>,
	<freebsd-questions@FreeBSD.ORG>
Subject: RE: anonymous-ftp cracked
In-Reply-To: <001501c13c0c$7d077780$1401a8c0@tedm.placo.com>
Message-ID: <Pine.LNX.4.33L.0109131210300.22538-100000@duckman.distro.conectiva>
X-supervisor: aardvark@nl.linux.org
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-questions.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-questions>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-questions>
X-Loop: FreeBSD.ORG

On Wed, 12 Sep 2001, Ted Mittelstaedt wrote:

> nobody should be running an open FTP server that allows
> uploading to anyone unless they are willing to take the time to
> monitor it

Some ftp daemons have the option to automatically email
the admins every time a file gets uploaded.

> 100MB is plenty of space for some jerk to upload his collection
> of Sally SpreadEagle in all her silicon glory.  If that happens
> your going to find every bit of outbound bandwidth you have
> completely saturated.

That's what per-directory bandwidth limitations are for.
If your /incoming needs to be usable for articles, you
could just limit it to something like 2 kB/s per user.

That's enough for legitimate articles, but for warez and
porn it becomes effectively write-only.

The only real problem is that people tend to upload the
most worthless crap, so nothing interesting ever shows up
in the 'harvesting' area.

cheers,

Rik
--
IA64: a worthy successor to the i860.

		http://www.surriel.com/
http://www.conectiva.com/	http://distro.conectiva.com/


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message