Hardening ftp server & customizing ftp server on Solaris

From: Gold Sun (goldsun8@yahoo.com.sg)
Date: Sun May 29 2005 - 22:58:31 EDT

• Next message: carinus.carelse@mrc.ac.za: "Journaling on Solaris 9"
• Previous message: Peter Junker: "Remote Execution of Solaris Management Console on a Linux Box through a SSH Tunnel"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Hi,
 
I need to harden our Solaris ftp server - any url or
guide you can point me to is appreciated.
 
In particular I need to address the following :
In particular, I'll need to know how we could :
a)after login to individual user's home directory
  (eg: /home/user11, /home/user12), 'pwd' command
  will display "/" instead of "/home/user11" in
  the example below
b)if we do chroot (ie "cd /"), it will bring the
  user to his actual home directory /home/user11
  instead of going to the actual /
c)how does Sun set up "sunsolve.sun.com" ftp site
  for anonymous user access to dump their core files
  there such that after you've "put" the file in,
  other users who login using the same id anonymous
  won't be able to "get" the file. Even if I'm the
  one who created the dump file, I won't be able to
  delete/overwrite/get it subsequently if I login
  using the same anonymous id - believe this has
  to do with some sticky/sgid settings (or it's some
  ftp server setting?)
d)I've tried inserting "UMASK=555" into /etc/default/ftpd
  & a banner into this same file - when I ftp into
  the ftp Sun server, don't see the banner & somehow
  the permission of the file created is -w--w--w-
  Looks like what I've done on ftpd do not work
ftp>
ftp> pwd
257 "/home/user11" is current directory.
ftp> ls
200 PORT command successful.
150 Opening ASCII mode data connection for file list.
hello
local.cshrc
local.login
local.profile
226 Transfer complete.
107 bytes received in 0.019 seconds (5.36 Kbytes/s)
ftp>
ftp> cd /
250 CWD command successful.
ftp> ls
200 PORT command successful.
150 Opening ASCII mode data connection for file list.
core
ftp.log
man.sendmail.tar
noautoshutdown
postinstall_pkgmap
preinstall_pkgmap
vpd.properties
226 Transfer complete.
104 bytes received in 0.012 seconds (8.23 Kbytes/s)
ftp>
 
 
 
Thanks
G Sun
 

 Yahoo! Mobile
- Download the latest ringtones, games, and more!
_______________________________________________
sunmanagers mailing list
sunmanagers@sunmanagers.org
http://www.sunmanagers.org/mailman/listinfo/sunmanagers

• Next message: carinus.carelse@mrc.ac.za: "Journaling on Solaris 9"
• Previous message: Peter Junker: "Remote Execution of Solaris Management Console on a Linux Box through a SSH Tunnel"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.7 : Wed Apr 09 2008 - 23:30:46 EDT