DoS on ftp port

• Previous message (by thread): DoS on ftp port
• Next message (by thread): mssql worm, contact info for postone.com
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

In addition to David's suggestion, you would also want to ensure that 
newly create files are umasked unreadable as well.  Should the directory 
be masked unreadable but still executable (which it must be to actually 
enter it) users could still externally link to the files, even though 
one could not view them in a directory listing.



David.Charlap at marconi.com wrote:

> Rob Thomas wrote:
> 
>>There is a huge increase in FTP scanning as well as the building of
>>warez botnets.  The warez scanning is generally for anonymous FTP
>>servers with plentiful bandwidth, copious disk space, and generous
>>write permissions.  ...
>>
> 
> One things I know of that helps here is to make sure you never have a
> single directory that is both readable and writeable to an anonymous
> user.
> 
> In general, restrict writing to users with logins and passwords.  If you
> must have an anonymous-write directory (like an incoming folder), make
> sure that that directory is not also readable by anonymous users.
> 
> This probably won't eliminate all the abuse, but it should make it
> impractical enough that the warez servers will probably start looking
> elsewhere.
> 
> -- David
> 

• Previous message (by thread): DoS on ftp port
• Next message (by thread): mssql worm, contact info for postone.com
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]