HPE Community
Operating System - HP-UX
1761308 Members
3516 Online
108901 Solutions
New Discussion юеВ

Re: In Anonymous FTP, "ls" Doesn't Display Anything

 
SOLVED
Go to solution
Paul Gerke
Advisor

тАО08-05-2008 08:13 AM

тАО08-05-2008 08:13 AM

In Anonymous FTP, "ls" Doesn't Display Anything

I'm doing something wrong, but I don't know what. I have set up a server with bastille to be only an ftp server. Connecting with a regular account everything works fine. When I connect as anonymous or ftp, I am able to establish the connections, but ls doesn't display anything (example of ftp connection followed by ll of the actual directories):
ux37:root / # ftp ux35
Connected to ux35.clark.wa.gov.
220 ux35 FTP server (Revision 1.1 Version wuftpd-2.6.1(PHNE_36065) Mon Jul 9 10:21:14 GMT 2007) ready.
Name (ux35:root): ftp
331 Guest login ok, send your complete e-mail address as password.
Password:
230 Guest login ok, access restrictions apply.
Remote system type is UNIX.
Using binary mode to transfer files.
ftp> ls
200 PORT command successful.
150 Opening ASCII mode data connection for /usr/bin/ls.
226 Transfer complete.
ftp> cd pub
250 CWD command successful.
ftp> ls
200 PORT command successful.
150 Opening ASCII mode data connection for /usr/bin/ls.
226 Transfer complete.
ftp> cd GIS
250 CWD command successful.
ftp> ls
200 PORT command successful.
150 Opening ASCII mode data connection for /usr/bin/ls.
226 Transfer complete.
ftp> bye
221-You have transferred 0 bytes in 0 files.
221-Total traffic for this session was 971 bytes in 3 transfers.
221-Thank you for using the FTP service on ux35.
221 Goodbye.
ux37:root / # ssh ux35
...
ux35:root / # cd ~ftp
ux35:root /homepw/ftpanon # ll . pub pub/GIS

.:
total 2
-r-------- 1 root sys 0 Aug 4 10:46 .forward
-r-------- 1 root sys 0 Aug 4 10:46 .rhosts
-rwxrwxrwx 1 ftp ftpanon 0 Aug 4 16:45 1.pkg
drwxrwxrwx 2 ftp ftpanon 96 Aug 4 16:46 2.pkg
dr-xr-xr-x 2 root sys 96 Aug 4 10:34 bin
dr-xr-xr-x 2 root sys 96 Aug 4 10:38 etc
dr-xr-xr-x 7 root ftpanon 1024 Aug 4 11:12 pub

pub:
total 10
drwxrwxr-x 3 pwanon pwanon 1024 Jul 25 08:16 2007 Standard Details Manual
drwxrwxr-x 5 pwanon pwanon 1024 Jul 25 08:17 CLEAN WATER PROJECTS
drwxr-xr-x 9 gis gispub 1024 Aug 4 10:37 GIS
drwxrwxr-x 8 pwanon pwanon 1024 Jul 17 09:16 PARKS PROJECTS
drwxrwxr-x 19 pwanon pwanon 1024 Apr 18 09:48 ROAD PROJECTS

pub/GIS:
total 897194
-rw-r--r-x 1 gis gispub 90 Jul 28 14:00 23129.tfw
-rw-r--r-x 1 gis gispub 116640551 Jul 28 14:00 23129.tif
-rw-r--r-x 1 gis gispub 90 Jul 28 14:00 23130.tfw
-rw-r--r-x 1 gis gispub 111150503 Jul 28 14:00 23130.tif
-rw-r--r-x 1 gis gispub 90 Jul 28 14:00 23131.tfw
-rw-r--r-x 1 gis gispub 110761667 Jul 28 14:01 23131.tif
-rw-r--r-x 1 gis gispub 90 Jul 28 14:01 23132.tfw
-rw-r--r-x 1 gis gispub 117357311 Jul 28 14:01 23132.tif
------xr-x 1 gis gispub 3439644 Aug 1 10:15 mktvalperc.txt
drwxr-xr-x 3 gis gispub 1024 Jul 23 08:49 packet35576
drwxr-xr-x 3 gis gispub 1024 Jul 23 08:50 packet35582
drwxr-xr-x 3 gis gispub 1024 Jul 24 09:00 packet35591
drwxr-xr-x 3 gis gispub 1024 Jul 24 09:00 packet35592
drwxr-xr-x 3 gis gispub 1024 Jul 24 09:01 packet35601
drwxr-xr-x 3 gis gispub 1024 Jul 25 12:16 packet35620
drwxr-xr-x 3 gis gispub 1024 Jul 28 08:37 packet35624
ux35:root /homepw/ftpanon #


I think I have the account setup correctly in the real /etc/passwd:
ftp:x:112:110:Anonymous FTP Account:/homepw/ftpanon:/usr/bin/false

And I don't think it should matter that I don't have all of the lines in the chroot etc files--I assume that if they aren't there, then ls should show the user or group ID instead.

And inetd.conf has:
ftp stream tcp6 nowait root /usr/lbin/ftpd ftpd -l -u 027

And there is no ftpaccess file.

What am I doing wrong? What more do you need to see to help me?

Thanks,
Paul
Paul
0 Kudos
Reply
6 REPLIES 6
Steven Schweda
Honored Contributor

тАО08-05-2008 09:36 AM

тАО08-05-2008 09:36 AM

Re: In Anonymous FTP, "ls" Doesn't Display Anything

> And I don't think it should matter that I
> don't have all of the lines in the chroot
> etc files--I assume that if they aren't
> there, then ls should show the user or
> group ID instead.

Plausible, but what's in the chroot "bin"
directory? "ls"? I'd guess not. The one
at "/sbin/ls" may be easier to get going
than he usual "/usr/bin/ls". ("ldd" will
show why. But you're welcome to copy over
all the various required run-time libraries
to your chroot "usr/lib" directory, if you
need some feature of the regular one.)

Additional effort of this sort will be needed
if you'd like to use that gzip|tar-on-the-fly
stuff, as ftpd will be looking for those
programs, too.

Have you tried fetching a known-to-exist
file? If the FTP server is configured
properly otherwise, that should work even if
"ls" doesn't.
0 Kudos
Reply
Steven Schweda
Honored Contributor

тАО08-05-2008 09:50 AM

тАО08-05-2008 09:50 AM

Re: In Anonymous FTP, "ls" Doesn't Display Anything

Around here, "man ftpd" does seem to cover
this:

[...]
The anonymous FTP directory should be set up as follows:
[...]

Of course, if you stopped reading at
"passwd", you may have missed the important
stuff.

Free advice:

If you make a writable directory for uploads,
don't call it "incoming" or "upload", which
are the names all the exploit scripts will
try.
0 Kudos
Reply
Paul Gerke
Advisor

тАО08-05-2008 09:57 AM

тАО08-05-2008 09:57 AM

Re: In Anonymous FTP, "ls" Doesn't Display Anything

Thanks Steven,
I appreciate the response. Sorry about forgetting to report on the bin directory. I copied ls out of /sbin and it has to be there in order not to get an error message in response. Here is the ll of bin:

ux35:root /homepw/ftpanon # ll bin
total 1450
-r-xr-xr-x 1 root sys 741556 Aug 4 16:23 ls
ux35:root /homepw/ftpanon #

Since I could cd into subdirectories i assumed that I could get a file, but to check I copied the copyright file into the pub directory and was able to get it:

ux35:root /homepw/ftpanon/pub # cp -p /etc/copyright .
ux35:root /homepw/ftpanon/pub # ll
total 14
drwxrwxr-x 3 pwanon pwanon 1024 Jul 25 08:16 2007 Standard Details Manual
drwxrwxr-x 5 pwanon pwanon 1024 Jul 25 08:17 CLEAN WATER PROJECTS
drwxr-xr-x 9 gis gispub 1024 Aug 4 10:37 GIS
drwxrwxr-x 8 pwanon pwanon 1024 Jul 17 09:16 PARKS PROJECTS
drwxrwxr-x 19 pwanon pwanon 1024 Apr 18 09:48 ROAD PROJECTS
-r--r--r-- 1 root sys 1152 Sep 8 2004 copyright
ux35:root /homepw/ftpanon/pub #


ux37:root / # ftp ux35
Connected to ux35.clark.wa.gov.
220 ux35 FTP server (Revision 1.1 Version wuftpd-2.6.1(PHNE_36065) Mon Jul 9 10:21:14 GMT 2007) ready.
Name (ux35:root): anonymous
331 Guest login ok, send your complete e-mail address as password.
Password:
230 Guest login ok, access restrictions apply.
Remote system type is UNIX.
Using binary mode to transfer files.
ftp> cd pub
250 CWD command successful.
ftp> ls
200 PORT command successful.
150 Opening ASCII mode data connection for /usr/bin/ls.
226 Transfer complete.
ftp> get copyright
200 PORT command successful.
150 Opening BINARY mode data connection for copyright (1152 bytes).
226 Transfer complete.
1152 bytes received in 0.00 seconds (3358.21 Kbytes/s)
ftp> bye
221-You have transferred 1152 bytes in 1 files.
221-Total traffic for this session was 1878 bytes in 2 transfers.
221-Thank you for using the FTP service on ux35.
221 Goodbye.


That's what has me confused. I think I followed all of the steps, even after the passwd stuff, but it doesn't display even though everything else works.
Paul
0 Kudos
Reply
Paul Gerke
Advisor

тАО08-05-2008 09:59 AM

тАО08-05-2008 09:59 AM

Re: In Anonymous FTP, "ls" Doesn't Display Anything

And I see that I neglected to thank you for the advice on upload directories. So far our anonymous ftp account only has to be read-only. I am trying hard to keep it that way to avoid some of those exploit issues.

Paul
Paul
0 Kudos
Reply
Steven Schweda
Honored Contributor

тАО08-05-2008 11:00 AM

тАО08-05-2008 11:00 AM

Solution

Re: In Anonymous FTP, "ls" Doesn't Display Anything

> Here is the ll of bin:
> [...]

Ah. At least one of us seems to be living in
the past, where "/bin/ls" was popular. Note
the message:

> 150 Opening ASCII mode data connection for /usr/bin/ls.

What happens if you move your (bulky,
IA64-sized) "ls" to the chroot "usr/bin"
directory? Around here, that makes a world
of difference. (I hadn't set up anonymous
FTP on my zx2000 before, but, as I always
say, "What could go wrong?".)
Reply
Paul Gerke
Advisor

тАО08-05-2008 11:57 AM

тАО08-05-2008 11:57 AM

Re: In Anonymous FTP, "ls" Doesn't Display Anything

Thank you Steven,
For pointing out what ftpd had been telling me all along. As soon as I created the usr directory and moved bin into it everything worked!

Paul
Paul
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.