Re: Are these attempted hacks normal?

From: Gross (martygross@msn.com)
Date: 03/03/03 

From: "Gross" <martygross@msn.com>
Date: Mon, 3 Mar 2003 11:52:53 -0600

So, enabling and disabling writing access to an FTP directory is done
specifically via the PROPERTIES dialogue box for that directory (XP, IIS
5.1), and not by toggling some other setup option for the iuser_ account
itself?

Right? I just want be sure that not checking off the "write" box in the
PROPERTIES dialogue is all I need to do in order to prohibit the editing of
my folders.

"x y, mvp" <levinson_k@despammed.com> wrote in message
news:#iUa8kY4CHA.2464@TK2MSFTNGP10.phx.gbl...
> ... so make sure none of your FTP folders ever grant both read and write
> permission to the anonymous FTP user [the IUSR account, by default]. You
> might also want to consider deleting the Posix subsystem, and visiting
> www.windowsupdate.com for patches, and following the hardening
instructions
> in the second link below. Further information on this hack:
>
> http://securityadmin.info/faq.htm#ftpfolder
> http://securityadmin.info/faq.htm#harden [including info on the posix
> subsystem]
>
>
> "S. Pidgorny [MVP]" <slavickp@yahoo.com> wrote in message
> news:u0PJ3RW4CHA.2332@TK2MSFTNGP10.phx.gbl...
> > Yes, this is the white noise on the Internet: a robot is trying to
convert
> > your system to a pirated software on porn distribution point. They will
> try
> > as long as you allow anonymous ftp.
> >
> > --
> > Svyatoslav Pidgorny, MS MVP, MCSE
> > -= F1 is the key =-
> >
> >
> > "Gross" <martygross@msn.com> wrote in message
> > news:023b01c2e121$2ee5fcf0$a101280a@phx.gbl...
> > > Is this normal... should I just get used to this garbage
> > > showing up in my IIS 5.1 FTP log?
> > >
> > > 23:01:19 81.220.198.227 [1]USER anonymous 331
> > > 23:01:19 81.220.198.227 [1]PASS Wgpuser@home.com 230
> > > 23:01:19 81.220.198.227 [1]MKD 030303000036p 550
> > >
> > > The good news is that they were not successful. I'm set
> > > up for anonymous logins, so I guess this comes witht the
> > > territory.
> > >
> > > OR, am I missing a setup option that allows this to occur?
> > >
> > >
> >
> >
>
>

Relevant Pages

  • 2003 server iis ftp auto create new directories
    ... I'm using FTP from server 2003 in isolation mode without AD. ... thousands of users and after that other scripts to check which user has ... I'd like to be able to create FTP directory for my users on-a-fly. ...
    (microsoft.public.inetserver.iis.ftp)
  • Dynamic FTP site and file locking
    ... We're going to be setting up an FTP site, ... Alpha system. ... versions of the data files will be retained, ... could move the file into the anonymous FTP directory under a different ...
    (comp.os.vms)
  • Re: error at usr.bin/ftp when building 5.3RC1 world
    ... > does the ftp directory exist at all? ... > you have both an `ftp' subdirectory in your ... I was trimming down the sources in refuse file, ... Yep, one learn smth everyday. ...
    (freebsd-current)
  • UID/GID in anon.ftp directory
    ... I set up an anonymous ftp directory on FreeBSD system and copied the anon.ftp directory from our old ftp server to the new FreeBSD server. ...
    (freebsd-questions)
  • Trouble accessing FTP outside LAN
    ... I have a Windows 2000 pro machine running ftp services. ... our local LAN can connect and view the ftp directory. ... to access the folder. ...
    (microsoft.public.inetserver.iis.ftp)