- Community Home
- >
- Servers and Operating Systems
- >
- Legacy
- >
- Secure OS Software for Linux
- >
- Re: wu-ftpd installed, but it didn't reply respons...
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Forums
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО09-03-2002 12:32 PM
тАО09-03-2002 12:32 PM
Re: wu-ftpd installed, but it didn't reply response.
'HOST * -> COMPARTMENT xinetd PORT 21 METHOD tcp NETDEV any'. This allows the initial connection. But unless I put the ftpd daemon in the syshi compartment, I get 'Socket connected waiting for login sequence.' when connecting from a client and then the client connection times-out before login is possible.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО09-06-2002 03:22 AM
тАО09-06-2002 03:22 AM
Re: wu-ftpd installed, but it didn't reply response.
I think you should open a support case with the Response Center so that the lab can research this behavior.
Regards,
Hal Rottenberg
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО09-10-2002 10:21 AM
тАО09-10-2002 10:21 AM
Re: wu-ftpd installed, but it didn't reply response.
I never let root use ftp on Linux or HP-UX machines.
I have heard that Proftpd does not allow EXEC commands and is in general more secure. I'm going to test it on a Linux test box, but am increasingly interested in running it on HP-UX.
Any suggestions, experience in this area.
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО09-11-2002 03:57 AM
тАО09-11-2002 03:57 AM
Re: wu-ftpd installed, but it didn't reply response.
Stephen,
My research found this to be an old exploit from 1995. As far as I can tell it never applied to Redhat, upon which Secure Linux is based. The issue was not that the SITE EXEC command was enabled, but that the EXEC bin path was set to /bin, thus allowing shell access. This is a compile-time variable, and I don't think you will find this to be the default on any Linux distribution now.
That aside, I don't know anything about ProFTPD. At this point in time, we are aligning with software that is included in Redhat, so we are using wu-ftpd. In version 2 of our software wu-ftpd will be available as a pre-packaged integration complete with security rules in effect.
I encourage you to integrate ProFTPD if you want, and if you learn anything or encounter snags while doing so, please post to the group.
-hal
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО09-11-2002 09:15 AM
тАО09-11-2002 09:15 AM
Re: wu-ftpd installed, but it didn't reply response.
I will report results.
There was a reported Red Hat 6x hack of a system using wu-fptd on one of the newsgroups.
The information was sketchy, but I find most hacks are due to administrator ignorance and a poor understanding of how to configure the product.
On the other hand, my old ISP switched from wu-ftpd to Proftpd and claimed it was for security reasons. Its worth doing the Proftdd project simply for knowing how to do it.
Early next year, I'm going to have a hand me down D320 box my offices and it will be my first HP-UX box exposed to the public internet. I'm using it to learn and perhaps provide secondary services, such as taking over my web traffic when the Red Hat box is brought down for maintenace.
Hence the queries. I have found HP-UX 11.11 installs with far fewer security holes than 11.00. That's always nice. There is even a little firewall you can use like ipchains on Linux.
Have a good day.
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
- « Previous
-
- 1
- 2
- Next »