Ftp server securrity problem
Page 1 of 2 12 LastLast
Results 1 to 10 of 12

Thread: Ftp server securrity problem

  1. #1
    Junior Member
    Join Date
    Nov 2005
    Posts
    2

    Question Ftp server securrity problem

    Hi ...

    i have a litl ftp server and its not the first time its being hacked.
    My question is, how can I test my ftp server on his vunerability or mayby hack myself.
    cous it is realy irritating me.

    thx in advance

  2. #2
    AOs Resident Troll
    Join Date
    Nov 2003
    Posts
    3,152
    What do you mean by getting hacked??

    What OS??

    Who has access to it??? everyone??

    MLF
    How people treat you is their karma- how you react is yours-Wayne Dyer

  3. #3
    Junior Member
    Join Date
    Nov 2005
    Posts
    2
    1. someone is cracking my accounts and put them on a warez board

    2. the os is winxp pro sp1a (for the usb 2 drivers)

    3. a couple of friends have access to it

  4. #4
    Senior Member nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,190
    OK here are a few general ideas:

    1. Change the password(s) and make them over 15 characters, and complex.
    2. Disable the LM hash password support (your friends will have to use Windows 2000 or XP).
    3. Update all your software, particularly your operating system.
    4. Check your firewall rules. If your friends have static IP addresses then it should be relatively simple to allow them only. If not, then at least try to restrict access to the IP blocks assigned to their ISP.
    5. Check your system for trojans and rootkits.
    6. Consider data encryption............I don't know what your "accounts" give access to?

    I won't bother with the traffic monitoring and IDS stuff, as there are people far more qualified that myself here to do that.

    Is your machine physically secure, or can others access it without supervision?

    Do you leave your machine turned on and connected to the internet when it is not being used?


  5. #5
    Senior Member
    Join Date
    Jan 2002
    Posts
    1,207
    If your machine has already been compromised (or if you suspect it), you MUST reinstall the box (and be careful not to restore possibly trojan'd binaries from your backups)

    Ensure that you're not using a FTP server version which has known vulnerabilities; configure it as securely as you can (as per other posters' comments).

    Mark

  6. #6
    Junior Member
    Join Date
    Jun 2006
    Posts
    5
    Isn't one of the problems with ftp that everything (including passwords) is sent unencrypted? Doesn't that make it pretty easy for someone to get passwords and otherwise compromise the system? I'm avoiding setting up ftp at my office right now for this very reason. Perhaps vpn might be a better way to go, if it's just a couple friends anyway.

  7. #7
    Junior Member
    Join Date
    Apr 2005
    Posts
    8
    On some ftp servers you can require SSL encryption. However that's only for the login. As far as your friends go, it's relatively easy to get them a "static" ip address. I haven't tested this theory yet, but I think it will work. Go to dyndns.org and sign up for their dns server. They will give you a domain name like bob.isa-geek.com. Next get a dns updater, the site will give you options or you can go to download.com and get one. It essentially gives your machine the same IP address but the domain name is mapped to the dynamic ip. Pretty sure that you can give the dns access as opposed to an IP. Just a theory, but I think it will work.

  8. #8
    Dissident 4dm1n brokencrow's Avatar
    Join Date
    Feb 2004
    Location
    Shawnee country
    Posts
    1,243
    I meant to post on this thread a couple of weeks back when I saw it but was too busy to get a chance, so here goes.

    Consider a different OS for the ftp box. Get an old PII or PIII, run a linux server distro like ClarkConnect (or the new Ubuntu server) and enable both the FTP server and Samba. Create a user acc't so you can create a share on your Windows PC to the FTP folder on the server. Then just dump the files you want to share with your friends in the FTP drive and tell 'em to log in. ClarkConnect with a handful of users is up and running in less than an hour for me.

    Any problems, just make sure you got the data on the FTP server backed up, reinstall ClarkConnect in an hour or less and you're good to go again (clean!). Beats the heck out of reinstalling XP and then sitting thru dozens of updates and installing all the peripheral apps like anti-virus and anti-spyware stuff.

    Keep it simple...
    “Everybody is ignorant, only on different subjects.” — Will Rogers

  9. #9
    Senior Member
    Join Date
    Nov 2001
    Posts
    4,786
    Originally posted here by brokencrow
    I meant to post on this thread a couple of weeks back when I saw it but was too busy to get a chance, so here goes.

    Consider a different OS for the ftp box. Get an old PII or PIII, run a linux server distro like ClarkConnect (or the new Ubuntu server) and enable both the FTP server and Samba. Create a user acc't so you can create a share on your Windows PC to the FTP folder on the server. Then just dump the files you want to share with your friends in the FTP drive and tell 'em to log in. ClarkConnect with a handful of users is up and running in less than an hour for me.

    Any problems, just make sure you got the data on the FTP server backed up, reinstall ClarkConnect in an hour or less and you're good to go again (clean!). Beats the heck out of reinstalling XP and then sitting thru dozens of updates and installing all the peripheral apps like anti-virus and anti-spyware stuff.

    Keep it simple...
    your right brokencrow but if he gets a *nix box with sshd running windows sftp clients can be had for free. he can run one himself to put the things he wants to share from his windows box. hell if you have a gig of memory you can run a linux iso with vmplayer and not even use another box.
    Bukhari:V3B48N826 “The Prophet said, ‘Isn’t the witness of a woman equal to half of that of a man?’ The women said, ‘Yes.’ He said, ‘This is because of the deficiency of a woman’s mind.’”

  10. #10
    Dissident 4dm1n brokencrow's Avatar
    Join Date
    Feb 2004
    Location
    Shawnee country
    Posts
    1,243
    ...can't say I entirely trust vmplayer, especially after reading a piece on rootkits-to-come using vm code. More code = less security?

    And then I'm one to put old PC's to use of some kind, even as low-end servers on a home network.
    “Everybody is ignorant, only on different subjects.” — Will Rogers

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •