Date: Thu, 13 Sep 2001 09:08:17 -0500
From: jacks@sage-american.com
To: "Ted Mittelstaedt" <tedm@toybox.placo.com>, "Giorgos Keramidas" <charon@labs.gr>, "P. U. (Uli) Kruppa" <root@pukruppa.de>
Cc: <current@FreeBSD.ORG>, <freebsd-questions@FreeBSD.ORG>
Subject: RE: anonymous-ftp cracked
Message-ID: <3.0.5.32.20010913090817.011559f8@mail.sage-american.com>
In-Reply-To: <001501c13c0c$7d077780$1401a8c0@tedm.placo.com>
References: <20010912211632.A65756@hades.hell.gr>
Ted:

I've been watching this one because I've HAD to allow uploads to incoming
because of a need for such a place for article submissions from our Tech mag
website from 175+ countries. Your tips for monitoring (like the script for a
daily listing of the directory) are so simple and obvious it put a smile on
my face.

Thanks! LUV this list!

At 09:28 PM 9.12.2001 -0700, Ted Mittelstaedt wrote:
>>-----Original Message-----
>>From: owner-freebsd-questions@FreeBSD.ORG
>>[mailto:owner-freebsd-questions@FreeBSD.ORG]On Behalf Of Giorgos
>>Keramidas
>>
>>Another common thing done in writable incoming/ directories is to create a
>>file of fixed size, say 100 Mb, and use vnconfig to mount this file as the
>>incoming/ directory of an FTP server. Then there's only about 100 Mb of
>>space available in your incoming/ and nobody can store tons of data in there,
>>wasting your disk space until disks are full.
>>
>
>Hi Uli and Giorgos,
>
> I've had a bit of experience with this sort of thing and I have to say that
>nobody should be running an open FTP server that allows uploading to anyone
>unless they are willing to take the time to monitor it - and I mean every
>day, preferably several times a day.
>
>100MB is plenty of space for some jerk to upload his collection
>of Sally SpreadEagle in all her silicon glory. If that happens
>you're going to find every bit of outbound bandwidth you have completely
>saturated. If you're unlucky enough to have your FTP server at an
>ISP you may find yourself fined heavily (ie: overage charges)
>
> Some people have a little script that runs out of cron and diffs the
>output of ls against the previous run and e-mails the maintainer when new
>files show up, others simply check by eye. Whatever works for you is fine,
>but don't think that you can just put out public storage for anyone to use
>as they see fit and just ignore it anymore.
>
>
>Ted Mittelstaedt tedm@toybox.placo.com
>Author of: The FreeBSD Corporate Networker's Guide
>Book website: http://www.freebsd-corp-net-guide.com
>
>
>
>To Unsubscribe: send mail to majordomo@FreeBSD.org
>with "unsubscribe freebsd-questions" in the body of the message
>
>

Best regards,
Jack L. Stone,
Server Admin

Sage-American
http://www.sage-american.com
jacks@sage-american.com

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-current" in the body of the message
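The cron job described in the quoted message (diff the directory listing against the previous run and mail the maintainer when new files show up) could look like the following. This is an added example, not a script posted by anyone in the thread; the script name, the paths, the mail address and the function names are assumptions.

```shell
#!/bin/sh
# Added example (not from the thread): list what has appeared in an FTP
# incoming/ directory since the previous run and mail it to the maintainer.
# Script name, paths and address below are placeholders.
#
# Example crontab entry, hourly:
#   0 * * * * /usr/local/sbin/watch_incoming.sh /var/ftp/incoming /var/db/ftpwatch.state admin@example.org

# Fixed collation so sort and comm agree on ordering.
LC_ALL=C; export LC_ALL

# Print every entry below directory $1, one per line, sorted. Directories and
# dot-names are included so nothing in the tree is skipped.
# Limitation: a name containing a newline shows up as two lines.
snapshot() {
    ( cd "$1" && find . ! -path . -print | sort )
}

# Print entries in directory $1 that are absent from the listing saved in
# state file $2 by the previous run, then save the current listing.
# Keep $2 outside the FTP tree so uploaders cannot touch it.
new_entries() {
    snapshot "$1" > "$2.new" || { rm -f "$2.new"; return 1; }
    [ -f "$2" ] || : > "$2"      # first run: everything counts as new
    comm -13 "$2" "$2.new"       # lines present only in the new listing
    mv "$2.new" "$2"
}

# Run from cron with three arguments: directory, state file, mail address.
if [ "$#" -eq 3 ]; then
    report=$(new_entries "$1" "$2") || exit 1
    if [ -n "$report" ]; then
        printf '%s\n' "$report" | mail -s "new files in $1" "$3"
    fi
fi
```

The first run reports the whole tree, which gives the maintainer a baseline; later runs stay silent unless something new appears.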