<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<meta content="text/html;charset=ISO-8859-7" http-equiv="Content-Type">
<title></title>
</head>
<body bgcolor="#ffffff" text="#000000">
on 01/10/2009 09:11 PM panagiotis takis_rs wrote the following:
<blockquote cite="mid:BAY111-W383EC4619E5287440B03F1C5DA0@phx.gbl"
type="cite">
<style>
.hmmessage P
{
margin:0px;
padding:0px
}
body.hmmessage
{
font-size: 10pt;
font-family:Verdana
}
</style><b>1) ps -ef |grep vsftpd<br>
ôé äßíåé;</b><br>
root 6913 1 0 20:56 ? 00:00:00 /usr/sbin/vsftpd<br>
takis 8611 8402 0 21:03 pts/0 00:00:00 grep vsftpd<br>
<br>
<br>
<b>2) netstat -atp |grep -i LISTEN<br>
ôé äßíåé;</b><br>
tcp 0 0 localhost:mysql *:*
LISTEN 6331/mysqld <br>
tcp 0 0 *:ftp *:*
LISTEN 6913/vsftpd <br>
tcp 0 0 localhost:ipp *:*
LISTEN 6476/cupsd <br>
tcp6 0 0 localhost:8005 [::]:*
LISTEN 7410/java <br>
tcp6 0 0 [::]:8009 [::]:*
LISTEN 7410/java <br>
tcp6 0 0 [::]:5900 [::]:*
LISTEN 7979/vino-server<br>
tcp6 0 0 [::]:http-alt [::]:*
LISTEN 7410/java <br>
<br>
<b>3) êÜíå attach ôï vsftpd.conf</b><br>
listen=YES<br>
max_clients=4<br>
max_per_ip=1<br>
ftpd_banner=Takis_rs, ftp server.<br>
anonymous_enable=YES<br>
anon_root=/home/takis/Desktop/ <------ ÂãÜëôï<br>
local_enable=YES<br>
write_enable=NO<br>
anon_upload_enable=NO<br>
anon_mkdir_write_enable=NO<br>
anon_other_write_enable=NO<br>
hide_ids=YES<br>
ls_recurse_enable=NO<br>
tcp_wrappers=YES <------ ÂãÜëôï<br>
log_ftp_protocol=YES<br>
dual_log_enable=YES<br>
xferlog_enable=YES<br>
idle_session_timeout=60<br>
data_connection_timeout=300<br>
accept_timeout=60<br>
connect_timeout=60<br>
dirmessage_enable=YES<br>
background=YES<br>
pasv_min_port=50000<br>
pasv_max_port=50003<br>
anonymous_enable=YES<br>
banner_file=/etc/WELCOME_BANNER<br>
connect_from_port_20=YES<br>
nopriv_user=ftpsecure <------ õðÜñ÷åé áõôüò ï ÷ñÞóôçò ; (ãéáôß ï
vsftpd ôñÝ÷åé óáí root;)<br>
xferlog_enable=YES <--- ðÜëé;<br>
</blockquote>
ÃåíéêÜ äåí ìïõ öáßíåôáé ðñïóåãìÝíï ôï <b>vsftpd.conf </b>êáé äåí îÝñù
Üí Ý÷åé ðñüâëçìá.<br>
Èá óïõ ðñüôåéíá íá ôï êñáôÞóåéò backup êáé íá ôï êÜíåéò ßäéï ìå ôï äéêü
ìïõ (óôï email).<br>
Åðßóçò íá ôï ôñÝîåéò ìÝóù xinetd, êáé íá ñõèìßóåéò êáé áõôü ïìïßùò ìå
ôï äéêü ìïõ. (êáé îåêßíá êáé ôïí xinetd.)<br>
<br>
<blockquote cite="mid:BAY111-W383EC4619E5287440B03F1C5DA0@phx.gbl"
type="cite"><br>
4) <b>iptables -L</b><br>
Chain INPUT (policy DROP)<br>
target prot opt source destination <br>
ACCEPT tcp -- calchas.forthnet.gr anywhere tcp
flags:!FIN,SYN,RST,ACK/SYN <br>
ACCEPT udp -- nsath.forthnet.gr anywhere <br>
ACCEPT all -- anywhere anywhere <br>
ACCEPT icmp -- anywhere anywhere limit: avg
10/sec burst 5 <br>
DROP all -- anywhere 255.255.255.255 <br>
DROP all -- anywhere 192.168.1.255 <br>
DROP all -- BASE-ADDRESS.MCAST.NET/8 anywhere <br>
DROP all -- anywhere BASE-ADDRESS.MCAST.NET/8 <br>
DROP all -- 255.255.255.255 anywhere <br>
DROP all -- anywhere 0.0.0.0 <br>
DROP all -- anywhere anywhere state
INVALID <br>
LSI all -f anywhere anywhere limit: avg
10/min burst 5 <br>
INBOUND all -- anywhere anywhere <br>
LOG_FILTER all -- anywhere anywhere <br>
LOG all -- anywhere anywhere LOG level
info prefix `Unknown Input' <br>
<br>
Chain FORWARD (policy DROP)<br>
target prot opt source destination <br>
ACCEPT icmp -- anywhere anywhere limit: avg
10/sec burst 5 <br>
LOG_FILTER all -- anywhere anywhere <br>
LOG all -- anywhere anywhere LOG level
info prefix `Unknown Forward' <br>
<br>
Chain OUTPUT (policy DROP)<br>
target prot opt source destination <br>
ACCEPT tcp -- 192.168.1.4 calchas.forthnet.gr tcp
dpt:domain <br>
ACCEPT udp -- 192.168.1.4 nsath.forthnet.gr udp
dpt:domain <br>
ACCEPT all -- anywhere anywhere <br>
DROP all -- BASE-ADDRESS.MCAST.NET/8 anywhere <br>
DROP all -- anywhere BASE-ADDRESS.MCAST.NET/8 <br>
DROP all -- 255.255.255.255 anywhere <br>
DROP all -- anywhere 0.0.0.0 <br>
DROP all -- anywhere anywhere state
INVALID <br>
OUTBOUND all -- anywhere anywhere <br>
LOG_FILTER all -- anywhere anywhere <br>
LOG all -- anywhere anywhere LOG level
info prefix `Unknown Output' <br>
<br>
Chain INBOUND (1 references)<br>
target prot opt source destination <br>
ACCEPT tcp -- anywhere anywhere state
RELATED,ESTABLISHED <br>
ACCEPT udp -- anywhere anywhere state
RELATED,ESTABLISHED <br>
ACCEPT tcp -- anywhere anywhere tcp
dpts:ftp-data:ftp <br>
ACCEPT udp -- anywhere anywhere udp
dpts:20:fsp <br>
ACCEPT tcp -- anywhere anywhere tcp
dpt:http-alt <br>
ACCEPT udp -- anywhere anywhere udp
dpt:http-alt <br>
LSI all -- anywhere anywhere <br>
<br>
Chain LOG_FILTER (5 references)<br>
target prot opt source destination <br>
<br>
Chain LSI (2 references)<br>
target prot opt source destination <br>
LOG_FILTER all -- anywhere anywhere <br>
LOG tcp -- anywhere anywhere tcp
flags:FIN,SYN,RST,ACK/SYN limit: avg 1/sec burst 5 LOG level info
prefix `Inbound ' <br>
DROP tcp -- anywhere anywhere tcp
flags:FIN,SYN,RST,ACK/SYN <br>
LOG tcp -- anywhere anywhere tcp
flags:FIN,SYN,RST,ACK/RST limit: avg 1/sec burst 5 LOG level info
prefix `Inbound ' <br>
DROP tcp -- anywhere anywhere tcp
flags:FIN,SYN,RST,ACK/RST <br>
LOG icmp -- anywhere anywhere icmp
echo-request limit: avg 1/sec burst 5 LOG level info prefix `Inbound ' <br>
DROP icmp -- anywhere anywhere icmp
echo-request <br>
LOG all -- anywhere anywhere limit: avg
5/sec burst 5 LOG level info prefix `Inbound ' <br>
DROP all -- anywhere anywhere <br>
<br>
Chain LSO (0 references)<br>
target prot opt source destination <br>
LOG_FILTER all -- anywhere anywhere <br>
LOG all -- anywhere anywhere limit: avg
5/sec burst 5 LOG level info prefix `Outbound ' <br>
REJECT all -- anywhere anywhere
reject-with icmp-port-unreachable <br>
<br>
Chain OUTBOUND (1 references)<br>
target prot opt source destination <br>
ACCEPT icmp -- anywhere anywhere <br>
ACCEPT tcp -- anywhere anywhere state
RELATED,ESTABLISHED <br>
ACCEPT udp -- anywhere anywhere state
RELATED,ESTABLISHED <br>
ACCEPT all -- anywhere anywhere <br>
<br>
<br>
</blockquote>
ÌåãÜëå, ôï firewall åßíáé óçêùìÝíï <span class="moz-smiley-s8"><span>
=-O </span></span><br>
Äþóå <b>iptables -F </b><br>
êáé ìåôÜ ðÜëé <b>ptables -L<br>
</b><br>
<br>
<blockquote cite="mid:BAY111-W383EC4619E5287440B03F1C5DA0@phx.gbl"
type="cite"><b>iptables -L -t nat</b><br>
Chain PREROUTING (policy ACCEPT)<br>
target prot opt source destination <br>
<br>
Chain POSTROUTING (policy ACCEPT)<br>
target prot opt source destination <br>
<br>
Chain OUTPUT (policy ACCEPT)<br>
target prot opt source destination <br>
<br>
<b>5) netstat -atp |grep -i xinet</b><br>
ÔÉÐÏÔÁ<br>
</blockquote>
<b>netstat -atp |grep -i inet ;</b><br>
</body>
</html>