[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [cobalt-security] FTP Probing/scanning - Question

Subject: Re: [cobalt-security] FTP Probing/scanning - Question
From: Carrie Bartkowiak <ravencarrie@xxxxxxxx>
Date: Sat, 1 Sep 2001 12:44:42 -0400
List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>

On Thu, 30 Aug 2001 15:48:39 +1200, Render-Vue mumbled something 
like:
>>(pD9034B56.dip.t-dialin.net[217.3.75.86]) - USER anonymous (Login
>>failed):
>>Can't find user.

As far as I know, there isn't any way to stop this other than turning 
off FTP all together (you could set up secure ftp through your SSH 
tunnel but I can't find any definitive instructions on doing that).
I get tons of these every day. It's hackers looking for somewhere to 
stash their warez, so they can then give out the addy and use up 
*your* bandwidth and space instead of their own. Grr.
Best thing I suppose is just not to allow AnonFTP - it's really not 
needed anyway unless your client is a software programmer or 
something; but even then he could offer it as an http download or set 
up a true ftp account and give out the username/password for it only 
after someone had registered at his site. And change the user/pass 
often.  ;)

If there's a way to stop the scans, I'd love to know about it as 
well...
--
CarrieB
You can lead a person to knowledge, But you can?t make them think.

References:
- [cobalt-security] FTP Probing/scanning - Question
  - From: Render-Vue

Prev by Date: Re: [cobalt-security] Detecting Hacks Guide for Dummies?
Next by Date: Re: [cobalt-security] Security issue regarding Sites Backups
Previous by thread: [cobalt-security] FTP Probing/scanning - Question
Next by thread: [cobalt-security] SSH access when off at GUI ??

Sun Cobalt Security Message Index

Sun Cobalt Security Thread Index