Date: Wed, 5 Feb 1997 11:45:44 -0600 (CST) From: Greg Stringfellow <greg@smokey.prismnet.com> To: freebsd@nwpros.com (FreeBSD 2.2-BETA) Cc: freebsd-isp@freebsd.org Subject: Re: hacking - help Message-ID: <199702051745.LAA16629@smokey.prismnet.com> In-Reply-To: <Pine.BSF.3.91.970205100920.14424B-100000@nwpros.com> from "FreeBSD 2.2-BETA" at "Feb 5, 97 10:11:04 am"
next in thread | previous in thread | raw e-mail | index | archive | help
FreeBSD 2.2-BETA said:
> On Wed, 5 Feb 1997, Ricardo Kleemann wrote:
> >
> > But, the real question is, what hole must I plug to prevent this? Is there
> > a known hole where someone can log in as ftp and gain root access?
> >
> > Also, does freebsd support host.allow and host.deny? I didn't see those
> > files in /etc and there was no man page
> >
> Do not allow anonymous FTP. That solves the problem of them logging in
> like that. As for the hosts, yes it does. Try
> feeding.frenzy.com...it very succesfully uses it (well at least
> against my efforts :P).
>From what is being described here, someone is trying to telnet in as the FTP
user. You could disallow anonymous FTP access, but if you need it there is a
way to patch the hole.
Just make sure than something like /nonexistent is the shell for the user
"ftp". That way, they cannot log in. Also, make sure that in your
master.passwd file you have an asterisk where their encrypted password
should be. Use "vipw" to edit your master.passwd file. I use both of these
methods and I run wuftpd.
For an even better anonymous FTP server use WUFTPD which is in the ports
directory.
FreeBSD does not support the hosts.allow or hosts.deny out of the box. You
have to instal TCP Wrappers which, I believe, is also in the ports directory.
Greg
--
Greg Stringfellow PrismNet, Inc.
Network Administration WWW Pages, ISDN, Telnet, Dialup Accounts
Phone: (512)-418-1568
"I used up all my sick days...so I'm calling in dead"
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199702051745.LAA16629>