The OpenNET Project
 
Search (keywords):  SOFT ARTICLES TIPS & TRICKS SECURITY
LINKS NEWS MAN DOCUMENTATION


More secure wu-ftpd


<< Previous INDEX Search src Set bookmark Go to bookmark Next >> 
Date: Mon, 14 Aug 2000 08:50:16 +0300 (EEST)
From: Pantalache Dalis-Adrian <[email protected]>
To: [email protected]
Subject: More secure wu-ftpd

class   local   real,guest,anonymous  xxx.xxx.xxx.xxx
class   intern   real,guest,anonymous xxx.xxx.xxx.xxx
class   extern  anonymous *

#fake passwd :)
# noretrieve /etc/passwd
# noretrieve /etc/shaddow


deny 194.102.92.* /etc/mesaj/denymsg
deny 193.230.84.64 /etc/mesaj/msg.local
deny 192.162.1.1 /etc/mesaj/msg.local


limit   local      0  Any             /etc/mesaj/msg.local
limit   intern              25  Any             /etc/mesaj/msg.preamultzi
limit   extern        5  Any             /etc/mesaj/msg.preamultzi


loginfails 3
greeting brief
#banner /etc/mesaj/banner1
compress        yes     guest,anonymous
tar             yes     guest,anonymous
chmod           no      guest,anonymous
delete          no      guest,anonymous
overwrite       no      guest,anonymous
rename          no      guest,anonymous
mkdir           no      guest,anonymous
upload          no      guest,anonymous
chmod           no      guest,anonymous
umask           no      guest,anonymous
compress        yes     real
tar             yes     real
chmod           yes     real
delete          yes     real
overwrite       yes     real
rename          yes     real


log transfers   guest,real,anonymous    inbound,outbound
shutdown /etc/shutmsg
passwd-check rfc822 enforce


#Filtering non ascii character
path-filter anonymous /etc/mesaj/pathmsg ^[-A-Za-z0-9_]*$ ^\. ^-
#pt guest
path-filter gest /etc/mesaj/pathmsg ^[-A-Za-z0-9_]*$ ^\. ^-
#pt. users
path-filter real /etc/mesaj/pathmsg ^[-A-Za-z0-9\._-]*$
#This line protect  me wen a bug shown in wu-ftp2.4  2.5 2.6



# specify the upload directory information
upload  /home/ftp  *            no      nobody   nogroup 0000 nodirs
upload  /var/ftp  /bin          no
upload  /var/ftp  /etc          no
upload  /home/ftp  /incoming    yes     ftp   ftp 440 nodirs

#protecting for long line max 3
site-exec-max-lines 3 all
dns refuse_mismatch /etc/mesaj/dns.msg
dns refuse_no_reverse /etc/mesaj/dns2.msg

#chroot
guest-root /home *
restricted-uid %100-499 %501-999




-- 
Pantalache Dalis-Adrian
+---------------------------------+
|	 Linux Sysadmin           |
|                                 |
| http://electron.upit.ro/~dalis  |
| [email protected]          |
| [email protected]            |
+---------------------------------+



_______________________________________________
Linux-security mailing list
[email protected]
https://listman.redhat.com/mailman/listinfo/linux-security

<< Previous INDEX Search src Set bookmark Go to bookmark Next >>



Партнёры:
PostgresPro
Inferno Solutions
Hosting by Hoster.ru
Хостинг:

Закладки на сайте
Проследить за страницей 		Created 1996-2025 by Maxim Chirkov
Добавить, Поддержать, Вебмастеру