-
May 27th, 2006, 12:34 AM
#1
Junior Member
FTP server security problem
Hi ...
I have a little FTP server and it's not the first time it's been hacked.
My question is, how can I test my FTP server for vulnerabilities, or maybe hack it myself?
Because it is really irritating me.
Thanks in advance
-
May 27th, 2006, 01:25 AM
#2
What do you mean by getting hacked??
What OS??
Who has access to it??? everyone??
MLF
-
May 27th, 2006, 05:36 PM
#3
Junior Member
1. Someone is cracking my accounts and putting them on a warez board
2. The OS is WinXP Pro SP1a (for the USB 2 drivers)
3. a couple of friends have access to it
-
May 27th, 2006, 05:54 PM
#4
OK here are a few general ideas:
1. Change the password(s) and make them over 15 characters, and complex.
2. Disable the LM hash password support (your friends will have to use Windows 2000 or XP).
3. Update all your software, particularly your operating system.
4. Check your firewall rules. If your friends have static IP addresses then it should be relatively simple to allow them only. If not, then at least try to restrict access to the IP blocks assigned to their ISP.
5. Check your system for trojans and rootkits.
6. Consider data encryption... I don't know what your "accounts" give access to?
I won't bother with the traffic monitoring and IDS stuff, as there are people far more qualified than myself here to do that.
Is your machine physically secure, or can others access it without supervision?
Do you leave your machine turned on and connected to the internet when it is not being used?
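Added example (not part of the original posts): the allow-list idea in point 4 above can also be checked after the fact by auditing the FTP server's login records against the same list of permitted networks. The log layout, the addresses (reserved documentation ranges) and the function names are assumptions made for this example.

```python
import ipaddress
import re
from collections import Counter

# Assumed allow-list: one friend's static address plus an ISP block
# (both taken from the reserved documentation ranges).
ALLOWED = [ipaddress.ip_network(n) for n in ("198.51.100.24/32", "203.0.113.0/24")]

# Constructed sample log; the "<time> <ip> <user> <event>" layout is hypothetical.
SAMPLE_LOG = """\
2006-05-26T22:01:10 198.51.100.24 alice LOGIN_OK
2006-05-26T22:14:02 192.0.2.77 alice LOGIN_FAIL
2006-05-26T22:14:05 192.0.2.77 alice LOGIN_FAIL
2006-05-26T22:14:09 192.0.2.77 alice LOGIN_FAIL
2006-05-26T22:15:40 192.0.2.77 alice LOGIN_OK
2006-05-26T23:02:31 203.0.113.9 bob LOGIN_FAIL
2006-05-26T23:02:50 203.0.113.9 bob LOGIN_OK
this line is truncated
"""

LINE = re.compile(r"^(\S+) (\S+) (\S+) (LOGIN_OK|LOGIN_FAIL)$")

def is_allowed(ip):
    """True if ip is inside an allow-listed network (ValueError if unparsable)."""
    addr = ipaddress.ip_address(ip)
    return any(addr in net for net in ALLOWED)

def audit(log_text, fail_threshold=3):
    """Report successful logins from outside the allow-list and noisy sources."""
    outside_logins, failures, malformed = [], Counter(), 0
    for raw in log_text.splitlines():
        if not raw.strip():
            continue
        match = LINE.match(raw.strip())
        try:
            allowed = is_allowed(match.group(2)) if match else None
        except ValueError:          # address field is not a valid IP
            match = None
        if not match:
            malformed += 1
            continue
        when, ip, user, event = match.groups()
        if event == "LOGIN_FAIL":
            failures[ip] += 1       # count failures per source address
        elif not allowed:
            outside_logins.append((when, ip, user))
    noisy = sorted(ip for ip, n in failures.items() if n >= fail_threshold)
    return {"outside_logins": outside_logins, "repeated_failures": noisy, "malformed": malformed}
```

Calling `audit(SAMPLE_LOG)` reports the one successful login from an address outside the allow-list and the source that failed three times before it; any such hit means the firewall rule is missing or not taking effect.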
-
June 4th, 2006, 01:13 PM
#5
If your machine has already been compromised (or if you suspect it), you MUST reinstall the box (and be careful not to restore possibly trojan'd binaries from your backups).
Ensure that you're not using an FTP server version which has known vulnerabilities; configure it as securely as you can (as per other posters' comments).
Mark
-
June 22nd, 2006, 02:29 PM
#6
Junior Member
Isn't one of the problems with FTP that everything (including passwords) is sent unencrypted? Doesn't that make it pretty easy for someone to get passwords and otherwise compromise the system? I'm avoiding setting up FTP at my office right now for this very reason. Perhaps a VPN might be a better way to go, if it's just a couple of friends anyway.
-
June 23rd, 2006, 02:07 PM
#7
Junior Member
On some FTP servers you can require SSL encryption. However, that's only for the login. As far as your friends go, it's relatively easy to get them a "static" IP address. I haven't tested this theory yet, but I think it will work. Go to dyndns.org and sign up for their DNS server. They will give you a domain name like bob.isa-geek.com. Next, get a DNS updater; the site will give you options, or you can go to download.com and get one. It essentially gives your machine the same IP address, but the domain name is mapped to the dynamic IP. Pretty sure that you can give the DNS access as opposed to an IP. Just a theory, but I think it will work.
-
June 23rd, 2006, 02:48 PM
#8
I meant to post on this thread a couple of weeks back when I saw it but was too busy to get a chance, so here goes.
Consider a different OS for the ftp box. Get an old PII or PIII, run a linux server distro like ClarkConnect (or the new Ubuntu server) and enable both the FTP server and Samba. Create a user acc't so you can create a share on your Windows PC to the FTP folder on the server. Then just dump the files you want to share with your friends in the FTP drive and tell 'em to log in. ClarkConnect with a handful of users is up and running in less than an hour for me.
Any problems, just make sure you got the data on the FTP server backed up, reinstall ClarkConnect in an hour or less and you're good to go again (clean!). Beats the heck out of reinstalling XP and then sitting thru dozens of updates and installing all the peripheral apps like anti-virus and anti-spyware stuff.
Keep it simple...
-
June 26th, 2006, 04:54 AM
#9
Originally posted here by brokencrow
I meant to post on this thread a couple of weeks back when I saw it but was too busy to get a chance, so here goes.
Consider a different OS for the ftp box. Get an old PII or PIII, run a linux server distro like ClarkConnect (or the new Ubuntu server) and enable both the FTP server and Samba. Create a user acc't so you can create a share on your Windows PC to the FTP folder on the server. Then just dump the files you want to share with your friends in the FTP drive and tell 'em to log in. ClarkConnect with a handful of users is up and running in less than an hour for me.
Any problems, just make sure you got the data on the FTP server backed up, reinstall ClarkConnect in an hour or less and you're good to go again (clean!). Beats the heck out of reinstalling XP and then sitting thru dozens of updates and installing all the peripheral apps like anti-virus and anti-spyware stuff.
Keep it simple...
You're right, brokencrow, but if he gets a *nix box with sshd running, Windows SFTP clients can be had for free. He can run one himself to put the things he wants to share from his Windows box. Hell, if you have a gig of memory you can run a Linux ISO with VMPlayer and not even use another box.
-
June 26th, 2006, 12:35 PM
#10
...can't say I entirely trust vmplayer, especially after reading a piece on rootkits-to-come using vm code. More code = less security?
And then I'm one to put old PCs to use of some kind, even as low-end servers on a home network.