Date: Tue, 16 Oct 2001 13:59:27 -0600 From: Scott Gerhardt <scott@gerhardt-it.com> To: freebsd-questions@FreeBSD.ORG Subject: ftp security Message-ID: <3BCC919F.B32824A9@gerhardt-it.com>
next in thread | raw e-mail | index | archive | help
I just set up a FreeBSD 4.4-Release box and enabled anonymous ftp during the install. Within 24 hours I noticed a "/Tagged/by/PS2H/" directory under /var/ftp/pub/incoming. I couldn't find any good documentation on this, but came accross lots of other "Tagged" ftp sites when doing a google search on "ftp incoming tagged". My conclusion is that this is a common thing and is only slightly malicous to the extent of ftp uploads consuming disk space. I would guess it is just script kiddies trying to find a place to store porn. Am I correct? Since I don't need anonymous uploads enabled, I did the following: 1.) Deleted everything under /var/ftp/pub including /incoming 2.) Turned on ftpd logging verbose '-l -l' With logging on I noticed that there are still anonymous requests to create "@@Tagged@@_" directories. Is there anything else I should know? - Paranoid -- ------------------------------------ Scott Gerhardt, P.Geo. Gerhardt Information Technologies To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3BCC919F.B32824A9>