[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [cobalt-security] ftp-scans (was: Sendmail attacks)

Subject: Re: [cobalt-security] ftp-scans (was: Sendmail attacks)
From: Michael Stauber <cobalt@xxxxxxxxxxxxxx>
Date: Thu, 6 Nov 2003 20:40:22 +0100
Organization: SOLARSPEED.NET
List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>

> - build a website to which your customers can log on (use ssl)
> - in this site give them a button to a script that adds their ip to a
> special ipchains chain that grands them access to ftp (takes some suid-ing,
> you could even use the cobalt admin server......)
> - flush this chain every night at say 5am

Yeah, that is a good idea. 

I think I year ago I wrote a small extension to the existing POP-before-SMTP 
which basically extended its functionality to POP-before-FTP, too. It 
dynamically queried the POP-before-SMTP database of IPs every 5 minutes and 
then allowed FTP for these IPs for the next 30 minutes. 

But that's still not a really satisfying solution due to the extra overhead - 
both technically and also from a support point of view. 

-- 

With best regards,

Michael Stauber

Follow-Ups:
- RE: [cobalt-security] ftp-scans (was: Sendmail attacks)
  - From: Chad

References:
- RE: [cobalt-security] ftp-scans (was: Sendmail attacks)
  - From: Jelmer Jellema

Prev by Date: Re: [cobalt-security] Sendmail attacks
Next by Date: RE: [cobalt-security] ftp-scans (was: Sendmail attacks)
Previous by thread: RE: [cobalt-security] ftp-scans (was: Sendmail attacks)
Next by thread: RE: [cobalt-security] ftp-scans (was: Sendmail attacks)

Sun Cobalt Security Message Index

Sun Cobalt Security Thread Index