[CLUE-Tech] enabling ftp
Brandon N
bneill at yahoo.com
Sat Mar 17 18:54:55 MST 2001
You can find almost every linux program at www.freshmeat.net
http://freshmeat.net/projects/portsentry/
Brandon
--- Cyberclops <Cyberclops at hawaii.rr.com> wrote:
> Where do you get "port sentry" and is it for Linux?
>
> Kevin Cullis wrote:
> >
> > Absolutely!! After Grant got caught, I installed Port Sentry in
> about
> > 20 minutes (I'm new at getting at the guts of Linux) and I went
> back to
> > grc.com and it works like a champ. Now I just got to figure out
> where
> > to put the commands to start it when I restart my CPU, which the
> runtime
> > is going on 50 days.
> >
> > Kevin
> >
> > ian wrote:
> > >
> > > I cant' say this enough. TURN OFF FTP ASAP!!!!
> > >
> > > Especially since your on a cable modem (Road Runner?). It is
> amazingly
> > > easy to snoop on the Cable modem network to capture cleartext
> login passwords.
> > >
> > > That was how I originally got compromised. I went down the same
> path that
> > > you are with how to secure your box. First I'll get ftp.. then
> I'll get
> > > apache.. then I'll get ssh.. then I'll put a firewall up. Wrong
> order..
> > >
> > > What'll happen is .. "Honey.. I need you to go to the store and
> get lunch.
> > > Ooppss.. didn't get ssh up this weekend. Its on my todo list.
> Honest."
> > >
> > > Before you go any farther lock down your connection with a
> firewall. The
> > > learning curve is worth it. Then get SSH on. Make sure that
> everything is
> > > turned off that you aren't using such as telnet, ftp, RPC, X, the
> list goes
> > > on and on and on. You can test yoru connection and what is open
> on it
> > > by going to http://www.grc.com
> > >
> > > If you have SSH running properly you don't really need an ftp
> server at all.
> > >
> > > ian
> > >
> > > On Fri, Mar 16, 2001 at 04:26:17PM -0700, rfrank wrote:
> > > > Usually the how-to's and the newbie help files get me through
> it,
> > > > but I'm stumped on this one. I've taken Mandrake 7.2 and set
> it up
> > > > as a firewall/IP masquerader on a dedicated machine with my
> home
> > > > network on the 2nd Ethernet card side of that box. That all
> works fine
> > > > as far as I can tell.
> > > >
> > > > Now, from outside, I want to be able to ftp into that machine
> and
> > > > get files. (Later I want to telnet and ssh and even put a web
> page up,
> > > > but that's further down the learning curve.)
> > > >
> > > > I have the (default) entry in /etc/passwd for ftp, I haven't
> modified
> > > > /etc/ftpaccess but made sure it's there. I do have the line
> > > > /sbin/modprobe ip_masq_ftp in my /etc/rc.d/rc.firewall script.
> > > > /etc/inetd.conf looks good to me (as best as I would know).
> > > > But when I try to connect to my dedicated IP address from
> > > > a machine outside my local network, I get:
> > > > [rfrank at brechin rfrank]$ ftp 24.221.212.160
> > > > ftp: connect: Connection refused
> > > > ftp>
> > > > I get similar results with telnet to the same address.
> > > >
> > > > This can't be that tough. What have I missed? A firewall
> rule?
> > > > Turning on some daemon?
> > > >
> > > > Roger Frank
> > > > _______________________________________________
> > > > CLUE-Tech mailing list
> > > > CLUE-Tech at clue.denver.co.us
> > > > http://clue.denver.co.us/mailman/listinfo/clue-tech
> > > _______________________________________________
> > > CLUE-Tech mailing list
> > > CLUE-Tech at clue.denver.co.us
> > > http://clue.denver.co.us/mailman/listinfo/clue-tech
> >
> > _______________________________________________
> > CLUE-Tech mailing list
> > CLUE-Tech at clue.denver.co.us
> > http://clue.denver.co.us/mailman/listinfo/clue-tech
> _______________________________________________
> CLUE-Tech mailing list
> CLUE-Tech at clue.denver.co.us
> http://clue.denver.co.us/mailman/listinfo/clue-tech
__________________________________________________
Do You Yahoo!?
Get email at your own domain with Yahoo! Mail.
http://personal.mail.yahoo.com/
More information about the clue-tech
mailing list