[CLUE-Tech] enabling ftp
ian
iguy at ionsphere.org
Sun Mar 18 20:39:48 MST 2001
Good question....
I do know that if you have the firewall shutdown those ports you should
theoretically be fine.
I'm not too sure why all the Security docs I talk about say you should
have all the services that you are not using turned off even if you do have
a firewall blocking all them.
My un-educated guess right now would be to make sure that backdoor packets
that get onto your machine to be executed can't launch off those programs
with an outgoing xterm from your box to their box. Hmm..
(Basically cracker sends a packet that says it originates from target box
and destination is cracker's box. In that packet he gets an ftp session
to start effectively bypassing the firewall security.)
Not sure.. But that would be my guess.
ian
On Sun, Mar 18, 2001 at 04:49:58PM -0700, Jeffery C. Cann wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Ian,
>
> I did not remove the FTP entries from my /etc/services or /etc/initd.conf. I
> simply blocked ports 20 and 21 in my 'ipchains' script. This has effectively
> disabled FTP.
>
> Does anyone know if I should go ahead and comment the /etc/initd.conf?
>
> Where's Kevin Fenzi when we need him ? ;-)
>
> Jeff
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.0.4 (GNU/Linux)
> Comment: For info see http://www.gnupg.org
>
> iEYEARECAAYFAjq1SakACgkQw3/GBQk72kD8SwCfUfe04OGx2Lq/U9fDjwY+Q3JA
> VXAAoIL4Y4lg3aLH26sRkv6E1rzLcJG3
> =89y8
> -----END PGP SIGNATURE-----
> _______________________________________________
> CLUE-Tech mailing list
> CLUE-Tech at clue.denver.co.us
> http://clue.denver.co.us/mailman/listinfo/clue-tech
More information about the clue-tech
mailing list