From: "Barry Byrne"
Subject: RE: anonymous-ftp cracked
Date: Thu, 13 Sep 2001 15:27:01 +0100
Sender: owner-freebsd-questions@FreeBSD.ORG

Jack:

I too need to maintain an incoming directory on a couple of servers. The trick of making the directory unreadable really works. I still get probed on a daily basis (perhaps from two or three different IPs), but they all seem to do a small test transfer followed by an attempt to download; once it fails they go away.

I run a small script every 15 minutes to move any recent uploads to an internally accessible directory for our users.

It only takes one night with a readable/writable ftp server to be filled with warez/etc.

Cheers,

Barry

--
Barry Byrne, IT Manager,
WBT Systems, Block 2, Harcourt Centre
Harcourt Street, Dublin 2, Ireland
Phone: +353 1 417 0150
Fax: +353 1 478 5544
Email: barry.byrne@wbtsystems.com
Web: www.wbtsystems.com

> -----Original Message-----
> From: owner-freebsd-questions@FreeBSD.ORG
> [mailto:owner-freebsd-questions@FreeBSD.ORG]On Behalf Of
> jacks@sage-american.com
> Sent: 13 September 2001 15:08
> To: Ted Mittelstaedt; Giorgos Keramidas; P. U. (Uli) Kruppa
> Cc: current@FreeBSD.ORG; freebsd-questions@FreeBSD.ORG
> Subject: RE: anonymous-ftp cracked
>
>
> Ted: I've been watching this one because I've HAD to allow uploads to
> incoming because of a need for such a place for article submissions from
> our Tech mag website from 175+ countries.
>
> Your tips for monitoring (like the script for a daily listing of the
> directory) are so simple and obvious it put a smile on my face.
> Thanks! LUV this list!
>
> At 09:28 PM 9.12.2001 -0700, Ted Mittelstaedt wrote:
> >>-----Original Message-----
> >>From: owner-freebsd-questions@FreeBSD.ORG
> >>[mailto:owner-freebsd-questions@FreeBSD.ORG]On Behalf Of Giorgos
> >>Keramidas
> >>
> >>Another common thing done in writable incoming/ directories is to create a
> >>file of fixed size, say 100 Mb, and use vnconfig to mount this file as the
> >>incoming/ directory of an FTP server. Then there's only about 100 Mb of
> >>space available in your incoming/ and nobody can store tons of data in there,
> >>wasting your disk space until disks are full.
> >>
> >
> >Hi Uli and Giorgos,
> >
> > I've had a bit of experience with this sort of thing and I have to say that
> >nobody should be running an open FTP server that allows uploading to anyone
> >unless they are willing to take the time to monitor it - and I mean every
> >day, preferably several times a day.
> >
> >100MB is plenty of space for some jerk to upload his collection
> >of Sally SpreadEagle in all her silicon glory.
> >If that happens you're going to find every bit of outbound bandwidth
> >you have completely saturated. If you're unlucky enough to have your
> >FTP server at an ISP you may find yourself fined heavily (ie: overage
> >charges)
> >
> > Some people have a little script that runs out of cron and diffs the
> >output of ls against the previous run and e-mails the maintainer when new
> >files show up, others simply check by eye. Whatever works for you is fine,
> >but don't think that you can just put out public storage for anyone to use
> >as they see fit and just ignore it anymore.
> >
> >
> >Ted Mittelstaedt                      tedm@toybox.placo.com
> >Author of:          The FreeBSD Corporate Networker's Guide
> >Book website:         http://www.freebsd-corp-net-guide.com
> >
> >
> >To Unsubscribe: send mail to majordomo@FreeBSD.org
> >with "unsubscribe freebsd-questions" in the body of the message
> >
>
> Best regards,
> Jack L. Stone,
> Server Admin
>
> Sage-American
> http://www.sage-american.com
> jacks@sage-american.com
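
The cron check described in the thread (compare the current listing of incoming/ with the previous run and mail the maintainer when something new shows up), as an added example that is not code from anyone in the thread. The three script arguments and the use of cksum(1) rather than plain ls are assumptions made here.

```shell
#!/bin/sh
# Added example: report files that are new or changed in an anonymous-FTP
# incoming/ directory since the previous run, for use from cron.
# Arguments (INCOMING, STATEFILE, MAINTAINER) are assumed names for this sketch.

# snapshot DIR: one "checksum size path" line per regular file, sorted.
# cksum(1) is used instead of plain ls so an overwritten file also shows up.
# File names containing newlines would span several lines of the listing.
snapshot() {
    find "$1" -type f -exec cksum {} + | LC_ALL=C sort
}

# new_uploads DIR STATEFILE: print lines present now but not in the previous
# snapshot, then make the current snapshot the baseline for the next run.
new_uploads() {
    incoming=$1
    state=$2
    tmp=$(mktemp "$state.XXXXXX") || return 1
    snapshot "$incoming" > "$tmp"
    [ -f "$state" ] || : > "$state"      # first run: everything counts as new
    LC_ALL=C comm -13 "$state" "$tmp"    # lines only in the new snapshot
    mv "$tmp" "$state"
}

# Cron entry point: script INCOMING STATEFILE MAINTAINER
if [ "$#" -eq 3 ]; then
    report=$(new_uploads "$1" "$2") || exit 1
    if [ -n "$report" ]; then
        printf '%s\n' "$report" | mail -s "new files in $1" "$3"
    fi
fi
```

Keep STATEFILE outside the FTP tree so that uploaders can neither read nor replace the baseline.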