Re: FTP and iptables question

mikepb_at_hoplite.org
Date: 09/26/03

• Next message: Jonathan L Cunningham: "Re: This doesn't add up / have I been rooted?"
• Previous message: ynotssor: "Re: Did I give up on telnet too easily?"
• In reply to: belbo: "FTP and iptables question"
• Next in thread: mikepb_at_hoplite.org: "Re: FTP and iptables question"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Date: Fri, 26 Sep 2003 07:48:58 GMT

belbo <belbo@abulafia.it> wrote:

> 21 FTP OPEN! FTP servers have many known security vulnerabilities and
> the payoff from exploiting an insecure FTP server can be significant.
> This system's open FTP port is inviting intruders to examine
> your system more closely.

> Is this normal? Can I make invisible my ftp server for port scanners but
> visible for normal connections at same time?

Yes. No.

> In another on-line test, I got this strange message, that I didn't
> understand:

> Attempting connection to your computer. . .
> Shields UP! is now attempting to contact the Hidden Internet Server
> within your PC. It is likely that no one has told you that your own
> personal computer may now be functioning as an Internet Server with
> neither your knowledge nor your permission. And that it may be serving
> up all or many of your personal files for reading, writing, modification
> and even deletion by anyone, anywhere, on the Internet!

> What the hell does it mean? Must I worry?

Don't use ftp if you want a secure system.

-- 
Michael P. Brininstool                  mikepb@hoplite.org
"The said constitution shall never be construed to authorize congress to
prevent the people of the United States who are peaceable citizens from
keeping their own arms." -- Sam Adams

---

• Next message: Jonathan L Cunningham: "Re: This doesn't add up / have I been rooted?"
• Previous message: ynotssor: "Re: Did I give up on telnet too easily?"
• In reply to: belbo: "FTP and iptables question"
• Next in thread: mikepb_at_hoplite.org: "Re: FTP and iptables question"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Relevant Pages Help with IPFW + NATD + Passive FTP ... passive FTP connections through IPFW with NATD enabled. ... $cmd 005 allow all from any to any via dc0 ... # Interface facing Public internet ... # Allow out access to my ISP's Domain name server. ... (freebsd-questions) RE: Client Computers cannot upload or download from Remote FTP ser ... SBS External NIC - Cannot FTP From this server ... SBS Internal NIC ... FTP server is Checked in Routing and Remote Access - Internet Connection - ... (microsoft.public.windows.server.sbs) Re: FTP PUT with Store Unique ... The best list for topics related to the Communications Server IP ... command or vice versa. ... Instructs the FTP client not to include a name with the STOU ... -- If NONAME is in effect, no name string specifying a foreign_file value follows ... (bit.listserv.ibm-main) Re: FTP and iptables question ... > the payoff from exploiting an insecure FTP server can be significant. ... is now attempting to contact the Hidden Internet Server ... > personal computer may now be functioning as an Internet Server with ... (comp.os.linux.security) RE: Client Computers cannot upload or download from Remote FTP ser ... Only FTP via the MS DOS FTP Client ... The server that works is a member of the SBS's Domain, BUT as I indicated, ... the router, not the SBS server. ... The client event log has nothing related logged. ... (microsoft.public.windows.server.sbs)

---

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint

www.derkeiler.com  > Newsgroups  > comp.os.linux.security  > 2003-09