cwbe coordinatez:
101
63540
63542
2109677
63692
2616158

ABSOLUT
KYBERIA
permissions
you: r,
system: public
net: yes

neurons

stats|by_visit|by_K
source
tiamat
K|my_K|given_K
last
commanders
polls

total descendants::
total children::2
show[ 2 | 3] flat
mam taky problem s vsftpd na slackware 10.2

anonymny login funguje ale nedokazem sa nalogovat ako lokalny user:

ftp localhost
Connected to localhost.
220 (vsFTPd 2.0.3)
Name (localhost:gnd): gnd
331 Please specify the password.
Password:
530 Login incorrect.
Login failed.
ftp> quit

vsftpd.log :

Tue Sep 5 23:00:12 2006 [pid 2519] CONNECT: Client "127.0.0.1"
Tue Sep 5 23:00:15 2006 [pid 2518] [gnd] FAIL LOGIN: Client "127.0.0.1"

moj vsftpd.conf vyzera takto:

anonymous_enable=YES
local_enable=YES
ftp_username=ftp
write_enable=YES
listen=YES
pam_service_name=ftp
dirmessage_enable=YES
xferlog_enable=YES
connect_from_port_20=YES
nopriv_user=ftp
userlist_enable=YES
userlist_deny=NO
userlist_file=/etc/vsftpd.user_list

pam.conf pre ftp zase takto:

ftp auth required /lib/security/pam_listfile.so item=user sense=deny file=/etc/ftpusers onerr=succeed
ftp auth required /lib/security/pam_pwdb.so shadow nullok
ftp auth required /lib/security/pam_shells.so
ftp account required /lib/security/pam_pwdb.so
ftp session required /lib/security/pam_pwdb.so

problem je ten isty ci uz bezi vsftpd cez inetd alebo ako demon.. nejake napady ?




00000101000635400006354202109677000636920261615802618334
toxygen
 toxygen      06.09.2006 - 19:10:27 , level: 1, UP   NEW
userlist_enable=YES -> userlist_enable=NO

alebo

cat /etc/vsftpd.user_list
ak tam nie si, tak sa tam pridaj.
popripade pozri si shell, ktory ma gnd je v /etc/shells.

00000101000635400006354202109677000636920261615802617256
uz.nebudem.tolko.fetovat
 uz.nebudem.tolko.fetovat      06.09.2006 - 12:47:10 (modif: 06.09.2006 - 12:47:46), level: 1, UP   NEW !!CONTENT CHANGED!!
userlist_deny mas vypnute, takze iba accounty v /etc/vsftpd.user_list ti pojdu
toto "ftp auth required /lib/security/pam_listfile.so item=user sense=deny file=/etc/ftpusers onerr=succeed" je potom duplicitny (za predpokladu, ze vsftpd pouziva PAM, cim som si nie isty, ved skus ldd `which vsftpd`)

ak toto nepomoze, co je dosti pravdepodobne, tak pripoj este
finger na uzivatela, ktorym sa chces prihlasit (mozno ma zly shell, moc nizke uid?, etc.)
logy z authlogu (pamkove a tak), ak su nejake
a ldd vsftpd (nech vieme ci pouziva pamko)

0000010100063540000635420210967700063692026161580261725602621325
ventYl
 ventYl      07.09.2006 - 23:08:55 , level: 2, UP   NEW
skor by som povedal, ze PAM nepouziva, nakolko PAM na slackware nie je a neverim, ze by ho dotycny kvoli vsftpd doinstaluvaval, takze sa skor autentifikuje voci shadow suite... neviem, ako je to u vsftpd, ale u proftpd existuje opsna require valid shell, ktora urcuje, ci user musi, alebo nemusi mat shell na stroji, ak nemusi, tak zerie svoj vlastny subor s heslami..