[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [cobalt-security] ftp-scans (was: Sendmail attacks)
- Subject: Re: [cobalt-security] ftp-scans (was: Sendmail attacks)
- From: Michael Stauber <cobalt@xxxxxxxxxxxxxx>
- Date: Thu, 6 Nov 2003 20:40:22 +0100
- Organization: SOLARSPEED.NET
- List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>
> - build a website to which your customers can log on (use ssl)
> - in this site give them a button to a script that adds their ip to a
> special ipchains chain that grands them access to ftp (takes some suid-ing,
> you could even use the cobalt admin server......)
> - flush this chain every night at say 5am
Yeah, that is a good idea.
I think I year ago I wrote a small extension to the existing POP-before-SMTP
which basically extended its functionality to POP-before-FTP, too. It
dynamically queried the POP-before-SMTP database of IPs every 5 minutes and
then allowed FTP for these IPs for the next 30 minutes.
But that's still not a really satisfying solution due to the extra overhead -
both technically and also from a support point of view.
--
With best regards,
Michael Stauber