HPE Community
Operating System - HP-UX
1830657 Members
28544 Online
110015 Solutions
New Discussion

Re: Ftp/anonymous help

 
SOLVED
Go to solution
Kathleen
Regular Advisor

‎11-06-2001 07:59 AM

‎11-06-2001 07:59 AM

Ftp/anonymous help

I am trying to figure out why I need an anonymous FTP login on my system. I wasn't concerned about this until one of my directories went up to 100% last night where the anonymous login could upload to. What function does this login serve? And if I remove it, what will it effect on the system? Sorry if this is a basic question....I am still learning this unix stuff. Thanks in advance.
0 Kudos
Reply
19 REPLIES 19
Rita C Workman
Honored Contributor

‎11-06-2001 08:04 AM

‎11-06-2001 08:04 AM

Solution

Re: Ftp/anonymous help

The 'anonymous' login is meant for an open ftp access system. It is usually set up so that anybody can get/put files on your system without a fixed password.
And obviously, they can put and put and put until a directory is filled if this is kept under control.
If you don't want this kind of 'OPEN' system than remove the anonymous or put anonymous entry in your ftpusers file to restrict it.

Just a quick thought,
Rita
Reply
AriesFR
Occasional Advisor

‎11-06-2001 08:06 AM

‎11-06-2001 08:06 AM

Re: Ftp/anonymous help

Hi,

Anonymous ftp login is made to allow users that have no login/password on your system to be able to remote login via ftp on your system. If this user has any write access on your disk, basically anybody can upload/download what they want there. Your disk is probably full of Warez stuff from nice people...

Disabling that ftp account will only prevent anybody logging in with "ftp" or "anonymous" as their login (any password will usually be ok in that case). If I were you, i'd check for any hidden directory in that write area...

Jean-Charles
Oni koji znaju, cinu; Oni koji ne znaju, predavaju - Who can does ; who can't teaches - Croatian proverb.
Reply
G. Vrijhoeven
Honored Contributor

‎11-06-2001 08:09 AM

‎11-06-2001 08:09 AM

Re: Ftp/anonymous help

Hi Kathleen,

The big idea is that you enable people to put or get files from your server without creating an account for them.

To prevent it from getting full you can create a monitoring script for the dir you enable people to put files in.

hope this will help

Gideon
Reply
Darrell Allen
Honored Contributor

‎11-06-2001 08:14 AM

‎11-06-2001 08:14 AM

Re: Ftp/anonymous help

Unless there is a business reason for it, I'd remove the anonymous FTP account. As a general rule services should be disabled unless required. For normal UNIX purposes, you don't need anonymous FTP.

Darrell
"What, Me Worry?" - Alfred E. Neuman (Mad Magazine)
Reply
Roger Baptiste
Honored Contributor

‎11-06-2001 08:20 AM

‎11-06-2001 08:20 AM

Re: Ftp/anonymous help

hi,

Anonymous ftp is just as the name implies -> anybody within the network can ftp to the system anonymously without password restrictions.

Why do we need it? Because it can be useful for allowing users to "put" or "get" files
in a common ftp area (pub/dist) without needing an
account on the system.
For instance, we can use anonymous ftp area to store
some commonly used application tar balls or documents, which can then be
picked up by users in the site
at any time .

All said, anonymous ftp
have to be on systems only
when there is a necessity for it.

-raj
Take it easy.
Reply
Kathleen
Regular Advisor

‎11-06-2001 08:48 AM

‎11-06-2001 08:48 AM

Re: Ftp/anonymous help

How do I check for hidden directories/files?
0 Kudos
Reply
AriesFR
Occasional Advisor

‎11-06-2001 08:53 AM

‎11-06-2001 08:53 AM

Re: Ftp/anonymous help

hidden directory/files begin with a dot (.). You can get them with a ls -a for instance or ls -d .* to get only them.

Jean-Charles
Oni koji znaju, cinu; Oni koji ne znaju, predavaju - Who can does ; who can't teaches - Croatian proverb.
Reply
Kathleen
Regular Advisor

‎11-06-2001 09:03 AM

‎11-06-2001 09:03 AM

Re: Ftp/anonymous help

How do I delete a folder with no name. I see a few out there when I do a ll -a or ls -a but at least 1 has no name.
0 Kudos
Reply
AriesFR
Occasional Advisor

‎11-06-2001 09:05 AM

‎11-06-2001 09:05 AM

Re: Ftp/anonymous help

It's name is based on space characters. You can do a rm -ri *
That will remove everything but ask for confirmation. You can then save what you want to keep.

Jean-Charles

P.S.: Thanks to quote answers...
Oni koji znaju, cinu; Oni koji ne znaju, predavaju - Who can does ; who can't teaches - Croatian proverb.
Reply
Craig Rants
Honored Contributor

‎11-06-2001 09:06 AM

‎11-06-2001 09:06 AM

Re: Ftp/anonymous help

Are you talking about . and .. ? I assume that you are talking about those, you don't want to remove them.

.. is the directory above your current working directory
. is the directory that you are currently in

If you are not talking about those disregard my comments.

C
"In theory, there is no difference between theory and practice. But, in practice, there is. " Jan L.A. van de Snepscheut
Reply
Darrell Allen
Honored Contributor

‎11-06-2001 09:11 AM

‎11-06-2001 09:11 AM

Re: Ftp/anonymous help

Be sure you don't "rm -r ."
or "rm -r .."
or "rm -r .*"
because
. = current directory
.. = parent directory
.* would include both the current and parent directories as well as hidden files / directories

Hidden files / directories start with a . but have more characters in their name.

Darrell
"What, Me Worry?" - Alfred E. Neuman (Mad Magazine)
Reply
AriesFR
Occasional Advisor

‎11-06-2001 09:13 AM

‎11-06-2001 09:13 AM

Re: Ftp/anonymous help

No!!! . and .. are NOT to be removed, but hackers usually use names like ' ' (space char) or special chars that can not be displayed. It is then harder to remove them.

By the way, it's rm -ri .*
I forgot the . in my previous message.

Jean-Charles
Oni koji znaju, cinu; Oni koji ne znaju, predavaju - Who can does ; who can't teaches - Croatian proverb.
Reply
Kathleen
Regular Advisor

‎11-06-2001 09:49 AM

‎11-06-2001 09:49 AM

Re: Ftp/anonymous help

I have one that looks like it has a space in it....do I just do the suggestion above?
0 Kudos
Reply
Volker Borowski
Honored Contributor

‎11-06-2001 10:09 AM

‎11-06-2001 10:09 AM

Re: Ftp/anonymous help

Hello,

there are several ways to safely delete files with special characters.

My favorite is to go with "ftp localhost", because you can type the filename exactly as it shows up and do not have to fear and wildcard-expansion-junk.

Other options are to go by "find". Search the forum on this (find, delete).

Do NOT use "rm" if the filename in charge contains a wildcard or a valid option to the rm-command. I.E. if your file reads like

"-rf * delete_me_please"

...there will not be a second chance if you mistype your quotes.

Be carefull
Volker
Reply
Kathleen
Regular Advisor

‎11-06-2001 10:12 AM

‎11-06-2001 10:12 AM

Re: Ftp/anonymous help

I got it! Thanks SO much for all of the help.
0 Kudos
Reply
Darrell Allen
Honored Contributor

‎11-06-2001 10:38 AM

‎11-06-2001 10:38 AM

Re: Ftp/anonymous help

Now that I'm back from lunch I can continue my thought.

You can see where rm -r . would be dangerous, especially if done as root, and especially if done in the root directory.

Filenames (hidden or otherwise) can contain characters that aren't visible. Hackers sometimes will ftp in a file with a name that looks like . or .. but really contains unprintable characters. They could potentially create a directory that would be hard to catch simply by doing mkdir ". " or mkdir ".. " (notice the extra space). To see some of the difficulties you would have finding those, make a temp directory somewhere and try the above mkdir's. Then try ll. You can see why (especially if there's a lot of other files in the directory) this is difficult.

Darrell
"What, Me Worry?" - Alfred E. Neuman (Mad Magazine)
Reply
Darrell Allen
Honored Contributor

‎11-06-2001 02:11 PM

‎11-06-2001 02:11 PM

Re: Ftp/anonymous help

Hi Kathleen,

Would you do us a favor? Please assign points to replies to your posts. It's not so much the accumulation of points and hats that drive us (okay, it does to a degree) but the forums become much more valuable if points are applied. When searching the forums for previous threads pertaining to our current issues it is very helpful to see which reply was the right one. And to me, it does mean more to see a answer from someone with a crown. So please take a little time to rate answers. Each one is worth at least some "thank you for trying" points and some truly are the magic answers that will help others down the road.

And I hate to mention this but some people will stop replying to your posts simply because you aren't assigning points.

Darrell
"What, Me Worry?" - Alfred E. Neuman (Mad Magazine)
0 Kudos
Reply
Darrell Allen
Honored Contributor

‎11-07-2001 06:49 AM

‎11-07-2001 06:49 AM

Re: Ftp/anonymous help

Hi Kathleen,

I sorry that either my replies didn't help you, I offended you, or both. Based on your assignment of points, I presume it was the second. At the time I believe this thread had no points assigned to replies. I also noticed in your profile you had only assigned points to roughly a fourth of replies to your questions. I wasn't meaning to offend but to remind you of the importance of the point system. To that extent, thank you for the assignments.

Darrell
"What, Me Worry?" - Alfred E. Neuman (Mad Magazine)
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.