Skip site navigation (1)Skip section navigation (2)
Date:      Tue, 16 Oct 2001 13:59:27 -0600
From:      Scott Gerhardt <scott@gerhardt-it.com>
To:        freebsd-questions@FreeBSD.ORG
Subject:   ftp security
Message-ID:  <3BCC919F.B32824A9@gerhardt-it.com>

next in thread | raw e-mail | index | archive | help
I just set up a FreeBSD 4.4-Release box and enabled anonymous ftp during
the install.

Within 24 hours I noticed a "/Tagged/by/PS2H/" directory under
/var/ftp/pub/incoming.

I couldn't find any good documentation on this, but came accross lots of
other "Tagged" ftp sites when doing a google search on "ftp incoming
tagged".

My conclusion is that this is a common thing and is only slightly
malicous to the extent of ftp uploads consuming disk space.  I would
guess it is just script kiddies trying to find a place to store porn. Am
I correct?

Since I don't need anonymous uploads enabled, I did the following:
1.) Deleted everything under /var/ftp/pub including /incoming
2.) Turned on ftpd logging verbose '-l -l'


With logging on I noticed that there are still anonymous requests to
create "@@Tagged@@_" directories.


Is there anything else I should know?


	- Paranoid


-- 
------------------------------------
Scott Gerhardt, P.Geo.
Gerhardt Information Technologies

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message




Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3BCC919F.B32824A9>