[CLUE-Tech] enabling ftp

ian iguy at ionsphere.org
Sat Mar 17 08:49:36 MST 2001


I can't say this enough.  TURN OFF FTP ASAP!!!!

Especially since you're on a cable modem (Road Runner?).  It is amazingly
easy to snoop on the Cable modem network to capture cleartext login passwords.  

That was how I originally got compromised.  I went down the same path that
you are with how to secure your box.  First I'll get ftp.. then I'll get 
apache.. then I'll get ssh.. then I'll put a firewall up.  Wrong order.. 

What'll happen is .. "Honey.. I need you to go to the store and get lunch.
Oops.. didn't get ssh up this weekend.  It's on my todo list.  Honest."

Before you go any farther lock down your connection with a firewall.  The 
learning curve is worth it.  Then get SSH on.  Make sure that everything is
turned off that you aren't using such as telnet, ftp, RPC, X, the list goes
on and on and on.  You can test your connection and what is open on it
by going to http://www.grc.com

If you have SSH running properly you don't really need an ftp server at all.

ian



On Fri, Mar 16, 2001 at 04:26:17PM -0700, rfrank wrote:
> Usually the how-to's and the newbie help files get me through it,
> but I'm stumped on this one.  I've taken Mandrake 7.2 and set it up
> as a firewall/IP masquerader on a dedicated machine with my home
> network on the 2nd Ethernet card side of that box. That all works fine 
> as far as I can tell.
> 
> Now, from outside, I want to be able to ftp into that machine and
> get files.  (Later I want to telnet and ssh and even put a web page up,
> but that's further down the learning curve.)
> 
> I have the (default) entry in /etc/passwd for ftp, I haven't modified
> /etc/ftpaccess but made sure it's there.  I do have the line
> /sbin/modprobe ip_masq_ftp in my /etc/rc.d/rc.firewall script.
> /etc/inetd.conf looks good to me (as best as I would know).
> But when I try to connect to my dedicated IP address from 
> a machine outside my local network, I get:
>   [rfrank at brechin rfrank]$  ftp 24.221.212.160
>   ftp: connect: Connection refused
>   ftp> 
> I get similar results with telnet to the same address. 
> 
> This can't be that tough.  What have I missed?  A firewall rule?
> Turning on some daemon?  
> 
> Roger Frank
> _______________________________________________
> CLUE-Tech mailing list
> CLUE-Tech at clue.denver.co.us
> http://clue.denver.co.us/mailman/listinfo/clue-tech
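
An added example, not part of either message: one way to check which inetd-launched services are still enabled, as the reply above advises, and which of them send logins in cleartext. The sample file is constructed, the function names are hypothetical, and the list of cleartext services beyond ftp and telnet is an assumption.

```shell
#!/bin/sh
# Added example: audit an inetd.conf-style file for enabled services.

# Services treated as cleartext-login. ftp and telnet come from the thread;
# the r-services (shell, login, exec) are an added assumption.
CLEARTEXT="ftp telnet shell login exec"

# audit_inetd FILE -> one line per enabled entry: FLAG<TAB>service<TAB>server
audit_inetd() {
    awk -v risky="$CLEARTEXT" '
        BEGIN { n = split(risky, r, " "); for (i = 1; i <= n; i++) bad[r[i]] = 1 }
        $1 ~ /^#/ || NF < 6 { next }   # commented out = disabled; skip blank/short lines
        {
            flag = ($1 in bad) ? "CLEARTEXT" : "review"
            printf "%s\t%s\t%s\n", flag, $1, $6
        }
    ' "$1"
}

# count_cleartext FILE -> number of enabled cleartext-login services
count_cleartext() {
    audit_inetd "$1" | awk -F'\t' '$1 == "CLEARTEXT" { c++ } END { print c + 0 }'
}

# Constructed sample in the classic inetd.conf layout (not the poster's file):
# service  socket  proto  wait  user  server  args
SAMPLE=$(mktemp)
cat > "$SAMPLE" <<'EOF'
ftp     stream  tcp  nowait  root    /usr/sbin/tcpd       in.ftpd -l -a
telnet  stream  tcp  nowait  root    /usr/sbin/tcpd       in.telnetd
#shell  stream  tcp  nowait  root    /usr/sbin/tcpd       in.rshd
#login  stream  tcp  nowait  root    /usr/sbin/tcpd       in.rlogind
auth    stream  tcp  nowait  nobody  /usr/sbin/in.identd  in.identd -l -e -o
EOF

audit_inetd "$SAMPLE"
echo "cleartext-login services still enabled: $(count_cleartext "$SAMPLE")"
```

After commenting out a line in the real file, inetd has to re-read its configuration (SIGHUP) before the service actually stops being offered.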


