How to prevent anonymous ftp w/wu-ftp

How to prevent anonymous ftp w/wu-ftp

Post by Dennis Bretto » Tue, 07 Mar 2000 04:00:00



Hi folks!

   I have been trying to limit my ftp server to 2 users.  In addition, I
want to remove anonymous users altogether.  This is what I have done:

  1) added anonymous and guest to /etc/ftpusers
  2) removed anonymous and guest from the "class" line of /etc/ftpaccess

  3) added the following lines to /etc/ftpaccess:
                   defaultserver private
                   defaultserver deny *
                   defaultserver allow <user1> <user2>

However, when I ftp to the machine and enter "anonymous" as the
username, I still receive the following:
       331 Guest login ok, send your complete e-mail address as
password.

I would like the utility to state something like:  anonymous users not
permitted

Can this be done with wu-ftp?
Did I do the "right" things above when trying to prevent anonymous
access?

Thank you for your help.

Regards
   Dennis

 
 
 

How to prevent anonymous ftp w/wu-ftp

Post by Ted Knupk » Wed, 08 Mar 2000 04:00:00



> Hi folks!

>    I have been trying to limit my ftp server to 2 users.  In addition, I
> want to remove anonymous users altogether.  This is what I have done:

>   1) added anonymous and guest to /etc/ftpusers
>   2) removed anonymous and guest from the "class" line of /etc/ftpaccess

>   3) added the following lines to /etc/ftpaccess:
>                    defaultserver private
>                    defaultserver deny *
>                    defaultserver allow <user1> <user2>

> However, when I ftp to the machine and enter "anonymous" as the
> username, I still receive the following:
>        331 Guest login ok, send your complete e-mail address as
> password.

> I would like the utility to state something like:  anonymous users not
> permitted

> Can this be done with wu-ftp?
> Did I do the "right" things above when trying to prevent anonymous
> access?

> Thank you for your help.

> Regards
>    Dennis

You need to delete the user "ftp" from your  password file to prevent this.

This entry is used only for anonymous ftp access.

Ted

 
 
 

How to prevent anonymous ftp w/wu-ftp

Post by Denni » Wed, 08 Mar 2000 04:00:00




> > Hi folks!

> >    I have been trying to limit my ftp server to 2 users.  In addition, I
> > want to remove anonymous users altogether.  This is what I have done:

> >   1) added anonymous and guest to /etc/ftpusers
> >   2) removed anonymous and guest from the "class" line of /etc/ftpaccess

> >   3) added the following lines to /etc/ftpaccess:
> >                    defaultserver private
> >                    defaultserver deny *
> >                    defaultserver allow <user1> <user2>

> > However, when I ftp to the machine and enter "anonymous" as the
> > username, I still receive the following:
> >        331 Guest login ok, send your complete e-mail address as
> > password.

> > I would like the utility to state something like:  anonymous users not
> > permitted

> You need to delete the user "ftp" from your  password file to prevent this.

> This entry is used only for anonymous ftp access.

I deleted the user "ftp" from my /etc/password file.  However, that still did
not help.  I still receive the "guest login ok, enter..." prompt.

Any ideas?

TIA!

-Dennis

 
 
 

1. Solaris ftp v Pro-ftp v WU-ftp

One-year newbie Solaris admin here. (And four yrs Linux experience extra,
does
that count extra credit?)

Management thinks they want an internet ftp server for the company.
Whatever,
they're mgt, and 'I serve at their pleasure'.. and paycheck. My questions:

1). why use a package like ProFTP or WU-ftp, instead of Solaris 2.6 ftp,
which
seems to me easy enough to use and cfg? (I'd ask them why, but that'd be
interpreted
as 'a bad thing'.)
2). which FTP is 'better'? I've heard of WU-ftp security holes, but am not
familiar
with Pro-FTP problems.
3). is there a better way to go?

I'm guessing this is for external customer browser convenience, which will
make me
RTFMs soon enough, yet any other comments, suggestions, or insights would be
appreciated. Thank you.

-fgz
(name alias and bogus email adrs to protect the guilty.)

2. Wireless Networking for OpenSolaris

3. wu-ftp ls problems with non-anonymous users and pc clients

4. Linux /bin/ps file

5. wu-ftp anonymous access and uploading...

6. multi-channel sound card

7. Setting up wu-ftp for anonymous downloads and secured uploads

8. solstice backup 6 server switch

9. Wu-ftp anonymous server problem.

10. Anonymous wu-ftp Woes...

11. Wu-FTP : how chrooted anonymous in a public dir

12. Anonymous config for wu-ftp -> /etc/passwd

13. WU-FTP and restricted FTP accounts