[H-GEN] FTP login by wtmp?
Marshall, Joshua
MarshallJ at switch.aust.com
Sun Aug 15 21:20:51 EDT 1999
[ Humbug *General* list - semi-serious discussions about Humbug and
Unix-related[1] topics. ]
> Depending on what's in the other log files it probably means
> somebody opened
> a socket but did nothing: you may have just been scanned and no more.
They actually did get in, and they created a directory in my ftp/pub
directory and put a file in there (which was crap anyway, 'cause the
filename was a heap of ?'s)
> b. Tell ipfw or ipchains to deny all but the machines who're
> allowed to
> connect.
Yeah that sounds the best option. I'd still like to know if there is a
security hole in that ftpd. It's version wu-2.5.0(1)
Or whether it's possible to log in with the wtmp user (who doesn't have an
entry in the passwd file)
Cheers,
Josh.
--
This is list (humbug) general handled by majordomo at lists.humbug.org.au .
Postings only from subscribed addresses of lists general or general-post.
[1] Just for Jason.
More information about the General
mailing list