From: jacks@sage-american.com
To: Joe Greco, freebsd-questions@FreeBSD.ORG
Date: Thu, 13 Sep 2001 19:26:59 -0500
Subject: Re: anonymous-ftp cracked

Joe: Thanks for the follow up.... indeed uploads only are allowed. No other
permissions allowed... because of earlier tips, I now have cron sending
emails to me regularly about the status of the incoming folder so it is
always monitored as well.

Thanks to all for the many good tips on this issue!

At 06:50 PM 9.13.2001 -0500, Joe Greco wrote:
>> Ted: I've been watching this one because I've HAD to allow uploads to
>> incoming because of a need for such a place for article submissions from our
>> Tech mag website from 175+ countries.
>>
>> Your tips for monitoring (like the script for a daily listing of the
>> directory) are so simple and obvious it put a smile on my face. Thanks! LUV
>> this list!
>
>Assuming you're using wuftpd:
>
>You may have to allow incoming, but perhaps you don't have to allow
>downloads of /incoming. Think about it. :-)
>
>Alternatively, wuftpd has a very nice notification feature that will mail
>you when something is submitted. Some of us do have good reasons for
>allowing both-way incoming access. Make sure your /incoming directory is
>unreadable in any case...
>
>> From ftp@snarchive.sol.net Thu Sep 13 18:42:44 2001
>> Return-Path:
>> Date: Thu, 13 Sep 2001 18:42:41 -0500 (CDT)
>> From: wu-ftpd
>> Subject: New file uploaded: file.tmp
>> To: undisclosed-recipients:;
>>
>> jgreco@ uploaded /incoming/file.tmp from 206.55.xxx.xxx.
>> File size is 504586240.
>> Please move the file where it belongs.
>
>This has the advantage of being almost instantaneous.
>
>After an @Home wanker decided to fill a few gigabytes on snarchive,
>creating a denial-of-service to the legitimate users, I turned this
>on. Now when somebody tries to use me for their warez, I accidentally
>corrupt a bunch of bytes in their files.
>
>So far, they seem to have gotten the message, because I've only seen
>one unauthorized file attempted upload this week.
>:->
>--
>Joe Greco - sol.net Network Services - Milwaukee, WI - http://www.sol.net
>"We call it the 'one bite at the apple' rule. Give me one chance [and] then I
>won't contact you again." - Direct Marketing Ass'n position on e-mail spam (CNN)
>With 24 million small businesses in the US alone, that's way too many apples.
>
>

Best regards,
Jack L. Stone,
Server Admin

Sage-American
http://www.sage-american.com
jacks@sage-american.com
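The two measures discussed in this thread, a regular cron report on the incoming directory and keeping that directory unreadable, can be combined in one check. The script below is an added example, not code from either message; the function names, the 100 MB default limit, and the paths and recipient in the crontab comment are assumptions.

```shell
#!/bin/sh
# Added example: cron status report for an anonymous-FTP upload directory.
# Assumptions: the directory is owned by root (not the ftp user); the script
# path, directory, size limit and recipient in this crontab line are made up:
#   0 * * * * /bin/sh /root/incoming_report.sh /var/ftp/incoming | mail -s incoming root

# Succeeds if group or other may read (list) DIR, which would let anonymous
# users see what others have uploaded.
dir_is_listable() {
    mode=$(ls -ld "$1" | awk '{print $1}')
    case $mode in
        d???r*|d??????r*) return 0 ;;
    esac
    return 1
}

# incoming_report DIR [MAX_BYTES]: one line per entry plus a summary.
# Returns 0 if nothing needs attention, 1 if DIR is listable or an entry is
# oversized or not a regular file, 2 if DIR is not a directory.
incoming_report() {
    dir=$1; max=${2:-104857600}; rc=0; count=0; total=0
    [ -d "$dir" ] || { echo "ERROR: $dir is not a directory"; return 2; }
    if dir_is_listable "$dir"; then
        echo "WARNING: $dir is readable by group/other"; rc=1
    fi
    for f in "$dir"/* "$dir"/.[!.]* "$dir"/..?*; do
        [ -e "$f" ] || [ -L "$f" ] || continue
        count=$((count + 1))
        # Upload names are untrusted: drop non-printable bytes before mailing.
        name=$(printf '%s' "${f##*/}" | LC_ALL=C tr -cd '[:print:]')
        if [ -f "$f" ] && [ ! -L "$f" ]; then
            size=$(wc -c < "$f" | tr -d ' ')
            total=$((total + size))
            if [ "$size" -gt "$max" ]; then
                echo "file $size $name OVERSIZE"; rc=1
            else
                echo "file $size $name"
            fi
        else
            echo "other - $name NOT-A-REGULAR-FILE"; rc=1
        fi
    done
    echo "entries=$count bytes=$total"
    return "$rc"
}

# Run only when a directory is given on the command line.
if [ -n "${1:-}" ]; then incoming_report "$@"; fi
```

The report covers dot-files as well as visible names, and a directory mode such as 1733 (write and search only for group and other, sticky bit set) passes the listability check.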