Date:      Sun, 24 Nov 1996 15:54:07 +1100
From:      davidn@sdev.usn.blaze.net.au (David Nugent)
To:        bsdisp@shadows.aeon.net (mika ruohotie)
Cc:        freebsd-isp@freebsd.org
Subject:   Re: The best way to allow users to access a WWW directory
Message-ID:  <Mutt.19961124155407.davidn@sdev>
In-Reply-To: <199611231935.VAA29347@shadows.aeon.net>; from mika ruohotie on Nov 23, 1996 21:35:04 +0200
References:  <32964B0F.3C88@herald.net> <199611231935.VAA29347@shadows.aeon.net>


mika ruohotie writes:
> now, those lusers need to update their pages, and i'm not about to
> give out _any_ shell accounts. nada.

I think this may well turn some customers away. Of course, that is
ultimately your choice, but there's no way I'd personally touch an
ISP that doesn't let me into my account on their system. I find it
far too useful, especially if I was having problems getting a PPP
or SLIP connection up, or if for some reason I couldn't. Many
people will be happy enough without it though, so it's no big deal.


> anyway, so i have to let them ftp into the machine. BUT, there's
> few probs i've realized i will still have... first, does anyone
> use this with any success/problems?

Yes. And no major problems. Just place instructions where your
customers will see them (a link from your home page is good),
express them in terms of the software they're using (which
means multiple sets of instructions if you want to cover
things outside of win* etc.) and they'll use it if they want
to.


> now, how do i prevent the users from uploading pirated stuff there?
> i _will_ quota their space usage. i have no way, right?

Monitor uploads. Easily done with grep on the xferlog, and add
diff if you want a daily report on activities (always a good
idea). Add it to /etc/daily.

Make "do not upload pirated software" part of your conditions
of use, and revoke an account immediately if you find out
about it happening, and make it known that you monitor uploads
to your machine. Most folks are pretty reasonable about
this if the consequences are made clear to start with (although
I'd be surprised if anyone seriously did think it would be 
allowed even without notice).


> so, my question is, how vulnerable the machine is while it's
> still allowing the ftp access from dialup side of the network?
> (no way i will allow non local network ips ftp in) or am i
> being overly paranoid?

Yes, I think you are.

But it depends on what your requirements are. If there is precious
data to be protected on the machine in question, then you
should not allow external parties on it AT ALL, and that
includes building firewalls and whatever else it takes to
limit access to your system from outside.

But if the machine is intended to run a service, then you need
to grant access. Let's face it - even if some idiot does take the
machine down, you can recover within a couple of hours from a
backup, right? There is a tradeoff between security and
service provision, and while you don't want to make it easy
for crackers to get in and do their thing just for the hell of
it (especially interfering with other users, their accounts
and using time you charge for etc), you can also be overly
paranoid about what you're protecting.

The point is that you need to tailor the level of security you
implement according to the requirements. If your system is
simply an internet service, then it is ultimately replaceable
and quickly recovered should something fail and if you're
taking the correct procedures for backup. It isn't as though
there's anything on the machine that's worth stealing or could
not be gotten elsewhere on the internet. The thing you need to
protect in that case is your accounting system, or whatever
data it is you use to charge your customers, and that includes
taking whatever protection is reasonable to prevent external
parties from breaking into your users' accounts (although
protecting those users from themselves is another issue :-().

The funny thing about security is that it usually gets either
too much emphasis or too little, or too little in the wrong
areas.


> oooooh yes. will i get into the troubles with file permissions
> with my scheme? (running a script that sets them right every
> several minutes should not eat too much cpu, right?)

If you need to do this, once a day should be ample. And make
sure either that (a) each user is placed into their own unique
group - adduser does this by default, or (b) that
ftpd's default umask is 002. The user can of course change
this if their ftp client allows them to, but in that case it
is intentional, and their problem if they lose their data.


> and another thing, i am planning to let people have several
> email accounts under their address (that being luser.soap.bar,
> static ip too), am i digging myself into any kind of hole
> with that setup?

For 2-3 user accounts (such as a family) where privacy isn't
an issue, this is fine. But just use aliases on your system
to forward the additional name to the real mailbox. Don't
worry about setting up domains.

Otherwise, create a subdomain and allow for delivery via SMTP
or UUCP, depending on what software they have available on
their end. The static ip is required for SMTP, but not for
UUCP (over tcpip - a free version of a suitable package is
available for Win* too).

DON'T place the entire domain's mail into a mailbox for
delivery using POP. It can easily be done, but you lose the
delivery envelope, which only makes for problems for your user
which cannot be easily resolved. Use the proper tools for the
job. If your customer is serious about supporting multiple
users on their system, then they need to be serious about it
too.


Regards,

David Nugent, Unique Computing Pty Ltd - Melbourne, Australia
Voice +61-3-9791-9547 Data/BBS +61-3-9792-3507 3:632/348@fidonet
davidn@blaze.net.au http://www.blaze.net.au/~davidn
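
The daily upload check described in the message above (xferlog filtered for uploads, then diffed against the previous day's report), as an added example that is not part of the original e-mail. It assumes wu-ftpd style xferlog lines with the field positions given in the comments; the function names and sample log lines are constructed for illustration, and awk stands in for plain grep so that only the direction column is matched.

```shell
#!/bin/sh
# Added example: daily upload report from an FTP transfer log.
# Assumed xferlog layout (wu-ftpd style): fields 1-5 date, 6 transfer time,
# 7 remote host, 8 size, 9 filename, 10 type, 11 action flag,
# 12 direction (i = incoming/upload, o = outgoing), 13 access mode, 14 user.

# Print "user host bytes filename" for every uploaded file, de-duplicated.
uploads_report() {
    awk '$12 == "i" { print $14, $7, $8, $9 }' "$1" | sort -u
}

# Print only uploads absent from the previous report, then store the
# current report as the new baseline. $1 = xferlog, $2 = state file.
new_uploads() {
    log=$1
    state=$2
    cur=$(mktemp) || return 1
    uploads_report "$log" > "$cur"
    [ -f "$state" ] || : > "$state"
    # diff prefixes lines found only in the new report with "> "
    diff "$state" "$cur" | sed -n 's/^> //p'
    mv "$cur" "$state"
}

# Constructed sample log lines (not real data) for trying the functions.
make_sample_log() {
    cat > "$1" <<'EOF'
Sun Nov 24 10:01:12 1996 3 ppp12.example.net 20480 /home/alice/public_html/index.html a _ i r alice ftp 0 *
Sun Nov 24 10:05:40 1996 1 ppp12.example.net 1024 /home/alice/public_html/logo.gif b _ o r alice ftp 0 *
Sun Nov 24 11:30:02 1996 95 ppp07.example.net 48234496 /home/bob/public_html/game.zip b _ i r bob ftp 0 *
EOF
}

# When called with a log path and a state file (for example from a daily
# periodic script), emit the new uploads so they land in the daily mail.
if [ "$#" -eq 2 ]; then
    new_uploads "$1" "$2"
fi
```

The byte count in the third column makes an unusually large upload stand out in the daily mail without opening the log itself.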


