Date: Thu, 13 Sep 2001 18:50:27 -0500 (CDT) From: Joe Greco <jgreco@ns.sol.net> To: freebsd-questions@FreeBSD.ORG, current@FreeBSD.ORG, jacks@sage-american.com Subject: Re: anonymous-ftp cracked Message-ID: <200109132350.SAA51099@aurora.sol.net>
next in thread | raw e-mail | index | archive | help
> Ted: I've been watching this one because I've HAD to allow uploads to > incoming because of a need for such a place article submissions from our > Tech mag website from 175+ countries. > > Your tips for monitoring (like the script for a daily listing of the > directory) are so simple and obvious it put a smile on my face. Thanks! LUV > this list! Assuming you're using wuftpd: You may have to allow incoming, but perhaps you don't have to allow downloads of /incoming. Think about it. :-) Alternatively, wuftpd has a very nice notification feature that will mail you when something is submitted. Some of us do have good reasons for allowing both-way incoming access. Make sure your /incoming directory is unreadable in any case... > From ftp@snarchive.sol.net Thu Sep 13 18:42:44 2001 > Return-Path: <ftp@snarchive.sol.net> > Date: Thu, 13 Sep 2001 18:42:41 -0500 (CDT) > From: wu-ftpd <ftp@snarchive.sol.net> > Subject: New file uploaded: file.tmp > To: undisclosed-recipients:; > > jgreco@ uploaded /incoming/file.tmp from 206.55.xxx.xxx. > File size is 504586240. > Please move the file where it belongs. This has the advantage of being almost instantaneous. After an @Home wanker decided to fill a few gigabytes on snarchive, creating a denial-of-service to the legitimate users, I turned this on. Now when somebody tries to use me for their warez, I accidentally corrupt a bunch of bytes in their files. So far, they seem to have gotten the message, because I've only seen one unauthorized file attempted upload this week. >:-> -- Joe Greco - sol.net Network Services - Milwaukee, WI - http://www.sol.net "We call it the 'one bite at the apple' rule. Give me one chance [and] then I won't contact you again." - Direct Marketing Ass'n position on e-mail spam(CNN) With 24 million small businesses in the US alone, that's way too many apples. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200109132350.SAA51099>