
Re: confusing ftp message

 
George Liu_4
Trusted Contributor

confusing ftp message

The ftp server with PHNE_27765 returns confusing messages after a login has failed. See below.

It is HP-UX B.11.11


220 host.domain FTP server (Version 1.1.214.4(PHNE_27765) Wed Sep 4 05:59:34 GMT 2002) ready.
Name (host:root):
331 Password required for root.
Password:
530 Login incorrect.
Login failed.
Remote system type is UNIX.
Using binary mode to transfer files.
ftp>

Can any configuration be tuned for this? Thanks in advance.
Robert-Jan Goossens
Honored Contributor

Re: confusing ftp message

Hi,

Are you sure you are on the system? Could you check with an ls whether you see some files?

Robert-Jan
James A. Donovan
Honored Contributor

Re: confusing ftp message

Do you have an /etc/ftpd/ftpusers file? Is the root user listed in that file? If the answer is yes to both questions, then remove the root user from this file and try again.

$ man ftpusers

for more information on the ftp security file.

If that doesn't fix the problem, check the syslog.log file of the system you're trying to ftp onto. It may have more information on why access is being denied.
Remember, wherever you go, there you are...
Jeff Schussele
Honored Contributor

Re: confusing ftp message

Hi George,

It's just reporting remote system type & default transport mode.

Rgds,
Jeff
PERSEVERANCE -- Remember, whatever does not kill you only makes you stronger!
George Liu_4
Trusted Contributor

Re: confusing ftp message

Jeff,

Could those messages be disabled? Thanks.

:-) George
RAC_1
Honored Contributor

Re: confusing ftp message

Check /etc/ftpd/ftpusers or /etc/ftpusers file.
Also check the /etc/shells file. This should list all shells that users use and that are allowed to do ftp.
Check if FTP is allowed. Check the /var/adm/inetd.sec file.

Anil
There is no substitute to HARDWORK
rick jones
Honored Contributor

Re: confusing ftp message

Well, disabling the messages would still leave one not logged-in :) However, if you examine the manpage for "ftp" (doesn't everyone try man "foo" when they first have an issue with foo?-), you will likely find an option that disables the SYST and TYPE calls and what other options are required.
there is no rest for the wicked yet the virtuous have no pillows
George Liu_4
Trusted Contributor

Re: confusing ftp message

Well, my original question is not "how to make ftp available to root or such". My question is how to disable these messages: "Remote system type is UNIX. Using binary mode to transfer files."

You don't want everybody to know your system type, right?
rick jones
Honored Contributor

Re: confusing ftp message

If you are simply trying to make the system type messages go away because you are worried about crackers, do keep in mind that while you may be able to make that method of ID go away (you will also need to change the "welcome" message), I personally do not believe that it will make your system any more "secure", as hiding the system type is merely a variant of "security through obscurity".
there is no rest for the wicked yet the virtuous have no pillows
George Liu_4
Trusted Contributor

Re: confusing ftp message

We do have a warning banner.
Marvin Strong
Honored Contributor

Re: confusing ftp message

I don't know how to disable the messages, but does it matter anyway? Once someone logs into ftp, the command:

syst

can get the OS anyway.

As far as a banner goes, anyone that's going to crack you isn't going to care about the banner IMO.
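
Added example, not part of the thread: a Python check of what a session's server replies give away through the two channels the posts above mention, the 220 welcome message and the answer to SYST. The reply lines are the ones George posted plus a constructed 215 line; the function names are this example's own.

```python
import re

# Server replies from the session in the first post. The 215 line is
# constructed: the thread shows only the client's rendering of it
# ("Remote system type is UNIX.").
SAMPLE_REPLIES = [
    "220 host.domain FTP server (Version 1.1.214.4(PHNE_27765) "
    "Wed Sep 4 05:59:34 GMT 2002) ready.",
    "331 Password required for root.",
    "530 Login incorrect.",
    "215 UNIX Type: L8",
]

VERSION_RE = re.compile(r"Version\s+([\w.]+)")
PATCH_RE = re.compile(r"\b(PH[A-Z]{2}_\d+)\b")  # HP-UX patch id, e.g. PHNE_nnnnn


def parse_reply(line):
    """Split an FTP reply line into (code, text); None if it is not a reply."""
    m = re.match(r"^(\d{3})[ -](.*)$", line)
    return (int(m.group(1)), m.group(2)) if m else None


def disclosures(replies):
    """Return (item, value, pre_auth) for each identifying detail sent."""
    found, logged_in = [], False
    for line in replies:
        parsed = parse_reply(line)
        if parsed is None:
            continue
        code, text = parsed
        if code == 230:      # login succeeded
            logged_in = True
        elif code == 220:    # greeting, always sent before any login
            for item, rx in (("version", VERSION_RE), ("patch", PATCH_RE)):
                m = rx.search(text)
                if m:
                    found.append((item, m.group(1), True))
        elif code == 215:    # answer to the client's SYST command
            system = (text.split() or ["?"])[0]
            found.append(("system type", system, not logged_in))
    return found


if __name__ == "__main__":
    for item, value, pre_auth in disclosures(SAMPLE_REPLIES):
        when = "before login" if pre_auth else "after login"
        print(f"{item}: {value} ({when})")
```

On the posted session the welcome message alone gives the daemon version and patch level, so suppressing the SYST answer without changing the greeting leaves the more specific detail in place.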

George Liu_4
Trusted Contributor

Re: confusing ftp message

I agree with Marvin from the technical point of view. However, a banner is required by our security policy. It is better not to respond to "syst" and "type" also.
Jeff Schussele
Honored Contributor

Re: confusing ftp message

Hi Marvin,

It's not a matter of the perpetrator "caring" about the banner. It's a matter of whether one can prosecute for this behavior. Courts have ruled in the past that w/o a banner stating that misuse is subject to criminal penalty, it could be perceived as an "invitation" to do what they please.
So you'd better have that banner if you intend to do something, like prosecute hackers, after they've been caught.

My 2 cents,
Jeff
PERSEVERANCE -- Remember, whatever does not kill you only makes you stronger!
Marvin Strong
Honored Contributor

Re: confusing ftp message

I didn't mean to imply that the banner was not required. Certainly it should be there for legal reasons.

I was just stating that most persons who are willing to crack will take their chances anyway.

I was just trying to point out that hiding the OS type is not nearly enough to secure ftp from malicious users.

Which I'm sure everyone here realizes already.


Jeff Schussele
Honored Contributor

Re: confusing ftp message

I certainly agree Marvin.
That's why PW hardening & teaching users about how to deal with "social-engineering" are the #1 lines of defense.

Cheers,
Jeff
PERSEVERANCE -- Remember, whatever does not kill you only makes you stronger!