Posts in FTP
January 4, 2006 Posted in FTP
Several months ago, I switched to pure-ftpd from proftpd for my Linux VPS and FreeBSD server, but I didn’t test the anonymous login on Linux, just found it’s enabled by default!! Fortunately, it wasn’t abused. If someone used it for video download, I could face a big bill for bandwidth usage. Very lucky. Read More
December 31, 2005 Posted in FTP, Security
After I changed the ssh port, combined with the changes of net.inet.tcp.blackhole and net.inet.udp.blackhole, now the server is completely free of ssh login attempts. I realized these two changes should be made together, it doesn’t make much sense to change only one of them. For example, if only change the port, the server will still respond to the port scan, it very probably gets more scan activity. What if only changed the system varibles? Since the ports of common services are the main target, the evil people still can easily find the ports to attack. Read More
September 14, 2005 Posted in FTP
WebHost Manager on my Linux VPS displayed the following message:
At this time, it is recommended that all customers using proftpd Switch to pure-ftpd as soon as possible to eliminate a potential security hole. It is important to consider that this security hole has not been verified. Multiple reports of compromised machines which have Trojans horse binaries installed with the proftpd group have been received. We wish acknowledge that there is only circumstantial evidence pointing to proftpd as the culprit, however we feel it is best to err on the side of caution.
March 11, 2005 Posted in FTP
Update: The ProFTPD port seems buggy, I suggest you try pure-ftpd, the installation is very easy and worked very well. Read More
November 3, 2004 Posted in FTP
How to get files recursively by FTP?
Update: NcFTP doesn’t work well on some FTP servers, the best way to transfer files is using tar command. Read More