From owner-freebsd-questions Thu Sep 13 7:38:47 2001
Message-Id: <3.0.5.32.20010913093843.011559f8@mail.sage-american.com>
Date: Thu, 13 Sep 2001 09:38:43 -0500
To: "Barry Byrne"
From: jacks@sage-american.com
Subject: RE: anonymous-ftp cracked
References: <3.0.5.32.20010913090817.011559f8@mail.sage-american.com>
Sender: owner-freebsd-questions@FreeBSD.ORG

Thanks for all of the further helpful response... I should have added the details that the incoming permissions are just for uploads only... no downloads or viewable files allowed by the directory. Yet, monitoring is still a good idea.

About other modes, forms, etc., although many submissions come from technically-oriented folks from around the world, that Tech ability doesn't necessarily include computers and I have to keep it simple. Submissions also contain a mix of text and graphics so any type of form won't work. The uploaders come without notice, except afterwards via email to let us know they have submitted an article....

So, the bandits won't find our FTP directory very useful....

Any more tips would be welcome.....

At 03:27 PM 9.13.2001 +0100, Barry Byrne wrote:
>Jack:
>
>I too need to maintain an incoming directory on a couple of servers. The
>trick of making the directory unreadable really works. I still get probed on
>a daily basis (perhaps from two or three different IPs) but they all seem to
>do a small test transfer followed by an attempt to download) once it fails
>they go away. I run a small script every 15 minutes to move any recent
>uploads to an internally accessible directory for our users. It only takes
>one night with a readable/writable ftp server to be filled with warez/etc.
>
>Cheers,
>
>Barry
>
>--
>Barry Byrne, IT Manager,
>WBT Systems, Block 2, Harcourt Centre
>Harcourt Street, Dublin 2, Ireland
>
>Phone: +353 1 417 0150
>Fax: +353 1 478 5544
>Email: barry.byrne@wbtsystems.com
>Web: www.wbtsystems.com
>
>> -----Original Message-----
>> From: owner-freebsd-questions@FreeBSD.ORG
>> [mailto:owner-freebsd-questions@FreeBSD.ORG]On Behalf Of
>> jacks@sage-american.com
>> Sent: 13 September 2001 15:08
>> To: Ted Mittelstaedt; Giorgos Keramidas; P. U. (Uli) Kruppa
>> Cc: current@FreeBSD.ORG; freebsd-questions@FreeBSD.ORG
>> Subject: RE: anonymous-ftp cracked
>>
>>
>> Ted: I've been watching this one because I've HAD to allow uploads to
>> incoming because of a need for such a place article submissions from our
>> Tech mag website from 175+ countries.
>>
>> Your tips for monitoring (like the script for a daily listing of the
>> directory) are so simple and obvious it put a smile on my face.
>> Thanks! LUV this list!
>>
>> At 09:28 PM 9.12.2001 -0700, Ted Mittelstaedt wrote:
>> >>-----Original Message-----
>> >>From: owner-freebsd-questions@FreeBSD.ORG
>> >>[mailto:owner-freebsd-questions@FreeBSD.ORG]On Behalf Of Giorgos
>> >>Keramidas
>> >>
>> >>Another common thing done in writable incoming/ directories is to create a
>> >>file of fixed size, say 100 Mb, and use vnconfig to mount this file as the
>> >>incoming/ directory of an FTP server. Then there's only about 100 Mb of
>> >>space available in your incoming/ and nobody can store tons of data in there,
>> >>wasting your disk space until disks are full.
>> >>
>> >
>> >Hi Uli and Giorgos,
>> >
>> > I've had a bit of experience with this sort of thing and I have to say that
>> >nobody should be running an open FTP server that allows uploading to anyone
>> >unless they are willing to take the time to monitor it - and I mean every
>> >day, preferably several times a day.
>> >
>> >100MB is plenty of space for some jerk to upload his collection
>> >of Sally SpreadEagle in all her silicon glory. If that happens
>> >you're going to find every bit of outbound bandwidth you have completely
>> >saturated. If you're unlucky enough to have your FTP server at an
>> >ISP you may find yourself fined heavily (ie: overage charges)
>> >
>> > Some people have a little script that runs out of cron and diffs the
>> >output of ls against the previous run and e-mails the maintainer when new
>> >files show up, others simply check by eye. Whatever works for you is fine,
>> >but don't think that you can just put out public storage for anyone to use
>> >as they see fit and just ignore it anymore.
>> >
>> >
>> >Ted Mittelstaedt tedm@toybox.placo.com
>> >Author of: The FreeBSD Corporate Networker's Guide
>> >Book website: http://www.freebsd-corp-net-guide.com
>> >
>> >
>> >To Unsubscribe: send mail to majordomo@FreeBSD.org
>> >with "unsubscribe freebsd-questions" in the body of the message
>> >
>>
>> Best regards,
>> Jack L. Stone,
>> Server Admin
>>
>> Sage-American
>> http://www.sage-american.com
>> jacks@sage-american.com
>>

Best regards,
Jack L. Stone,
Server Admin

Sage-American
http://www.sage-american.com
jacks@sage-american.com
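
The two cron jobs described in this thread (the listing diff that mails the maintainer, and the periodic move of uploads to an internal directory), written out as an added example that is not code from any of the posters. The paths, the mail recipient and the 5-minute idle threshold are assumptions.

```shell
#!/bin/sh
# Added example, not from the thread. Paths and the recipient are placeholders.
INCOMING=${INCOMING:-/var/ftp/incoming}
HOLDING=${HOLDING:-/var/spool/ftp-holding}
STATE=${STATE:-/var/db/ftp-incoming.list}
ADMIN=${ADMIN:-root}
LC_ALL=C; export LC_ALL          # same ordering for sort(1) and comm(1)

# Every entry directly under $1 (files, directories, dot-names), one per line.
# Names are uploader-controlled: a name containing a newline shows up as
# several lines, which still makes the report non-empty.
list_uploads() {
    find "$1" -mindepth 1 -maxdepth 1 | sed 's|.*/||' | sort
}

# Print names present now but absent on the previous run, then save this run.
new_uploads() {                  # $1 = incoming dir, $2 = state file
    cur=$(mktemp) || return 1
    list_uploads "$1" > "$cur"
    [ -f "$2" ] || : > "$2"
    comm -13 "$2" "$cur"
    mv "$cur" "$2"
}

# Move regular files untouched for more than $3 minutes out of the public
# tree and print their names. Directories and symlinks are never moved, and
# a name that already exists in holding stays behind for the report to flag.
sweep_uploads() {                # $1 = incoming, $2 = holding, $3 = minutes
    find "$1" -maxdepth 1 -type f -mmin +"$3" | while IFS= read -r f; do
        [ -e "$2/${f##*/}" ] && continue
        mv -- "$f" "$2/" && printf '%s\n' "${f##*/}"
    done
}

# Cron entry point: "report" mails new names, "sweep" moves finished uploads.
case "${1:-}" in
report)
    new=$(new_uploads "$INCOMING" "$STATE")
    [ -z "$new" ] || printf '%s\n' "$new" | mail -s "new in $INCOMING" "$ADMIN"
    ;;
sweep)
    sweep_uploads "$INCOMING" "$HOLDING" "${2:-5}"
    ;;
esac
```

The idle threshold keeps the sweep from moving a file that is still being transferred; the holding directory should sit outside the tree the anonymous FTP user can reach.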