On Thu, 8 Mar 2001 [EMAIL PROTECTED] wrote:
> hi all:
> some bad guy compromised my redhat server and modified my ftp
> services,and now i can not ftp to my outside redhat server any more
> from my LAN,but i can ftp to the same server from another outside
> server,please tell me which file can allow or deny some ip addresses
> to ftp or not ftp to my redhat server.
>
> my system is:redhat6.1,wu-ftpd2.5
>
>
Check /etc/hosts.allow, and /etc/hosts.deny.
But if your box was compromised, you realy need to back up your data,
wipe the disk, and re-install. Then apply the updates BEFORE puting the
machine back up on the net. You do not know what has been done to your
system that will let the "bad guy" back in any time he want to.
A big part of your problem is htat you have not applied the updates
necessare to keep your machine secure. The version of wu-ftp you are
running has KNOWN security problems. Red Hat has released several
updates for it, and the current version is wu-ftpd-2.6.0-14.6x.
Mikkel
--
Do not meddle in the affairs of dragons,
for you are crunchy and taste good with ketchup.
_______________________________________________
Redhat-list mailing list
[EMAIL PROTECTED]
https://listman.redhat.com/mailman/listinfo/redhat-list
