Date: Wed, 25 Feb 2004 12:14:38 +0100
From: Alexander Leidinger <Alexander@Leidinger.net>
To: "Julian Stacey" <jhs@berklix.org>
Cc: np@bsn.com
Subject: Re: ftpd loop hole ?
Message-ID: <20040225121438.45571550@Magellan.Leidinger.net>
In-Reply-To: <200402250358.i1P3wZeC004091@fire.jhs.private>
References: <200402250358.i1P3wZeC004091@fire.jhs.private>

On Wed, 25 Feb 2004 04:58:35 +0100 (CET)
"Julian Stacey" <jhs@berklix.org> wrote:

> Hi freebsd-isp@ people, CC np@bsn.com, ewinter@ewinter.org
>
> Has anyone else seen an exploit of standard ftpd on 4.9-RELEASE ?

I haven't, but this doesn't mean there can't be one lurking around.

> Some bandwidth thief uploaded videos to my ~ftp/ for bootleggers to download.
>
> How to stop a repeat occurrence ? There's very few people have
> logins on this machine, & I trust the people, & most of them aren't even
> competent to achieve an intrusion. It was probably not an inside job.

[config]

It depends on the configuration. You had an ftp user and the ftpd wasn't
configured to disallow anonymous logins. If the server depends upon the
use of anonymous logins, and those guests have to be allowed to upload
data and download the same data, there's nothing you can do about it.

If you don't need anonymous
 - access, remove the ftp user
 - read access, use the -O option
 - write access, use an appropriate chmod command

Bye,
Alexander.

-- 
I will be available to get hired in April 2004.
http://www.Leidinger.net    Alexander @ Leidinger.net
GPG fingerprint = C518 BC70 E67F 143F BE91 3365 79E2 9C60 B006 3FE7
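
Added example, not part of the original e-mail: a shell audit for the write-access case in the list above, reporting where the anonymous account can still upload. The function names are hypothetical, the FTP root and account are passed as arguments, and treating files owned by that account as earlier uploads is an assumption.

```shell
#!/bin/sh
# Audit an anonymous FTP tree before choosing the chmod to apply.
# Usage (assumed layout): sh audit.sh /var/ftp ftp

# Directories under root $1 that user $2 can create files in:
# world-writable, or owned by $2 with the owner write bit set.
writable_dirs() {
    find "$1" -type d \( -perm -0002 -o \( -user "$2" -perm -0200 \) \) -print
}

# Regular files owned by $2. Assumption: anonymous uploads end up
# owned by the anonymous account, so these are likely past uploads.
owned_files() {
    find "$1" -type f -user "$2" -print
}

# Print a report; return 0 when nothing is writable, 1 otherwise.
audit_ftp_tree() {
    dirs=$(writable_dirs "$1" "$2")
    files=$(owned_files "$1" "$2")
    if [ -n "$files" ]; then
        printf 'files owned by %s (review, possible uploads):\n%s\n' "$2" "$files"
    fi
    if [ -n "$dirs" ]; then
        printf 'directories %s can write to:\n%s\n' "$2" "$dirs"
        return 1
    fi
    printf 'no directory under %s is writable by %s\n' "$1" "$2"
    return 0
}

# Run only when called with a root and an account name.
if [ "$#" -eq 2 ]; then
    audit_ftp_tree "$1" "$2"
fi
```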