From owner-freebsd-current Tue Aug 29 4: 6:20 2000 Delivered-To: freebsd-current@freebsd.org Received: from pawn.primelocation.net (pawn.primelocation.net [205.161.238.235]) by hub.freebsd.org (Postfix) with ESMTP id E3C7E37B422 for ; Tue, 29 Aug 2000 04:06:18 -0700 (PDT) Received: from earth.causticlabs.com (oca-p1-18.hitter.net [207.192.76.18]) by pawn.primelocation.net (Postfix) with ESMTP id C637C9B05 for ; Tue, 29 Aug 2000 07:06:16 -0400 (EDT) Date: Tue, 29 Aug 2000 07:06:15 -0400 (EDT) From: "Chris D. Faulhaber" X-Sender: jedgar@earth.causticlabs.com To: freebsd-current@FreeBSD.org Subject: Restricting ftpd commands (fwd) Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG The following got no response on -security two weeks ago. Perhaps -current will have more opinions. ---------- Forwarded message ---------- I have found quite a few commands that ftpd shouldn't necessarily be responding to if the user hasn't logged in. In total, the following commands are taught to not talk to strangers: TYPE, STRU, MODE, ALLO, ABOR, SITE IDLE, SYST, REST. Many of these were obtained from OpenBSD. See http://www.fxp.org/~jedgar/ftpcmd.y.diff for the diff. ----- Chris D. Faulhaber - jedgar@fxp.org - jedgar@FreeBSD.org -------------------------------------------------------- FreeBSD: The Power To Serve - http://www.FreeBSD.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message