[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [cobalt-security] FTP Probing/scanning - Question
- Subject: Re: [cobalt-security] FTP Probing/scanning - Question
- From: Carrie Bartkowiak <ravencarrie@xxxxxxxx>
- Date: Sat, 1 Sep 2001 12:44:42 -0400
- List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>
On Thu, 30 Aug 2001 15:48:39 +1200, Render-Vue mumbled something
like:
>>(pD9034B56.dip.t-dialin.net[217.3.75.86]) - USER anonymous (Login
>>failed):
>>Can't find user.
As far as I know, there isn't any way to stop this other than turning
off FTP all together (you could set up secure ftp through your SSH
tunnel but I can't find any definitive instructions on doing that).
I get tons of these every day. It's hackers looking for somewhere to
stash their warez, so they can then give out the addy and use up
*your* bandwidth and space instead of their own. Grr.
Best thing I suppose is just not to allow AnonFTP - it's really not
needed anyway unless your client is a software programmer or
something; but even then he could offer it as an http download or set
up a true ftp account and give out the username/password for it only
after someone had registered at his site. And change the user/pass
often. ;)
If there's a way to stop the scans, I'd love to know about it as
well...
--
CarrieB
You can lead a person to knowledge, But you can?t make them think.