ftpd: trapping incoming server for bogus ID

Mike Storms · ‎10-02-2005

Hi,

I'm getting an ftp request from a bogus user. ftpd is display error in syslog.log indicating user login incorrect. I need to trap where this request is coming from. Any sugguestions?

Mel Burslan · ‎10-02-2005

turn on inetd logging by

inetd -k # kill runninng inetd daemon
inetd -l # restart it with logging enabled.

in the syslog, you should be able to see the ip addresses of all incoming connection for the inetd initiated services, which ftpd is one of them.

But keep in mind that, considerin ip spoofing and using the anonymous proxy relays, the info you are going to get is, most probably going to be useless.

instead try using /var/adm/inetd.sec to enable only the allowed ip address ranges which can access ftp or any other inetd service.

HTH

________________________________
UNIX because I majored in cryptology...

Arunvijai_4 · ‎10-02-2005

Enable inted logging by # inted -k and inetd -l . # man inetd gives more details about other options and security features with Internet Daemon.

-Arun

"A ship in the harbor is safe, but that is not what ships are built for"

Categories

Company

Local Language

Forums

Discussions

Forums

Discussions

Forums

Discussions

Forums

Discussions

Forums

Discussions

Discussions

Forums

Forums

Discussions

Forums

Discussions

Forums

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Community

Resources

Other HPE Sites

Discussions

Forums

Blogs

ftpd: trapping incoming server for bogus ID

ftpd: trapping incoming server for bogus ID

Re: ftpd: trapping incoming server for bogus ID

Re: ftpd: trapping incoming server for bogus ID