[TriLUG] minimal ftp host
Jon Carnes
jonc at nc.rr.com
Sun Jun 29 09:24:49 EDT 2003
On Fri, 2003-06-27 at 16:04, Roy Vestal wrote:
> I actually like the security script idea. Jon, is this a script you can
> share with us, or is it under NDA?
>
Not at all:
man find
In particular, look at the -perm and -group settings
Examples:
find /ftp_home/anon_files ! -group ftp_anon
find /ftp_home/anon_files ! -perm 644
The key is to look for what is not normal - wrap a script around those
"find"'s and you'll have alerts when anything out of the ordinary pops
up, plus you can have the script correct the problem.
Many years ago, my scripts did battle with a hackers all-night long
while I slept. The next morning I woke to find a ton of alerts and the
fact that wu-ftp had another vulnerability - but my data and server were
safe.
Jon
More information about the TriLUG
mailing list