Re: FTP and iptables question

mikepb_at_hoplite.org
Date: 09/26/03


Date: Fri, 26 Sep 2003 07:48:58 GMT

belbo <belbo@abulafia.it> wrote:

> 21 FTP OPEN! FTP servers have many known security vulnerabilities and
> the payoff from exploiting an insecure FTP server can be significant.
> This system's open FTP port is inviting intruders to examine
> your system more closely.

> Is this normal? Can I make invisible my ftp server for port scanners but
> visible for normal connections at same time?

Yes. No.

> In another on-line test, I got this strange message, that I didn't
> understand:

> Attempting connection to your computer. . .
> Shields UP! is now attempting to contact the Hidden Internet Server
> within your PC. It is likely that no one has told you that your own
> personal computer may now be functioning as an Internet Server with
> neither your knowledge nor your permission. And that it may be serving
> up all or many of your personal files for reading, writing, modification
> and even deletion by anyone, anywhere, on the Internet!

> What the hell does it mean? Must I worry?

Don't use ftp if you want a secure system.

-- 
Michael P. Brininstool                  mikepb@hoplite.org
"The said constitution shall never be construed to authorize congress to
prevent the people of the United States who are peaceable citizens from
keeping their own arms." -- Sam Adams


Relevant Pages

  • Help with IPFW + NATD + Passive FTP
    ... passive FTP connections through IPFW with NATD enabled. ... $cmd 005 allow all from any to any via dc0 ... # Interface facing Public internet ... # Allow out access to my ISP's Domain name server. ...
    (freebsd-questions)
  • RE: Client Computers cannot upload or download from Remote FTP ser
    ... SBS External NIC - Cannot FTP From this server ... SBS Internal NIC ... FTP server is Checked in Routing and Remote Access - Internet Connection - ...
    (microsoft.public.windows.server.sbs)
  • Re: FTP PUT with Store Unique
    ... The best list for topics related to the Communications Server IP ... command or vice versa. ... Instructs the FTP client not to include a name with the STOU ... -- If NONAME is in effect, no name string specifying a foreign_file value follows ...
    (bit.listserv.ibm-main)
  • Re: FTP and iptables question
    ... > the payoff from exploiting an insecure FTP server can be significant. ... is now attempting to contact the Hidden Internet Server ... > personal computer may now be functioning as an Internet Server with ...
    (comp.os.linux.security)
  • RE: Client Computers cannot upload or download from Remote FTP ser
    ... Only FTP via the MS DOS FTP Client ... The server that works is a member of the SBS's Domain, BUT as I indicated, ... the router, not the SBS server. ... The client event log has nothing related logged. ...
    (microsoft.public.windows.server.sbs)