From owner-freebsd-stable Thu Aug 30 7:23:57 2001 Delivered-To: freebsd-stable@freebsd.org Received: from mirage.nlink.com.br (mirage.nlink.com.br [200.249.195.3]) by hub.freebsd.org (Postfix) with SMTP id 0814A37B406 for ; Thu, 30 Aug 2001 07:23:54 -0700 (PDT) (envelope-from paulo@nlink.com.br) Received: (qmail 16952 invoked by uid 501); 30 Aug 2001 14:23:52 -0000 Received: from localhost (sendmail-bs@127.0.0.1) by localhost with SMTP; 30 Aug 2001 14:23:52 -0000 Date: Thu, 30 Aug 2001 11:23:52 -0300 (BRT) From: Paulo Fragoso To: Subject: FTPD in inetd.conf Message-ID: <20010830110707.J68715-100000@mirage.nlink.com.br> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-stable@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG Hi, We would like make a susgestion. If we have modified some confs files (inetd.conf, syslog.conf and newsyslog.conf) the default configuration for ftp will be more helpfuly. After this we can find ftp erros and files suspects to try exploit this server. We have always modified on ours instalations, it turn on logs of files changed by ftp. inetd.conf: change ftp stream tcp nowait root /usr/libexec/ftpd ftpd -l to: ftp stream tcp nowait root /usr/libexec/ftpd ftpd -llS syslogd.conf: add: ftp.* /var/log/ftpd.log newsyslog.conf: add: /var/log/ftpd.log 600 10 100 * Z Is this a good idea? Paulo Fragoso. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-stable" in the body of the message