
1

02.04.2008, 12:46

proftpd + ssl + mysql

Hi everyone

I've got a problem again. Hope you can help me :)

Here's the situation:
I've now tried to set up a proftpd server including SSL and a MySQL database for the user accounts.
For the setup I followed this tutorial: http://www.cplinux.de/debian-proftpd-mit-mysql.view.html

As far as I can tell everything should have worked. The server is running, but I can't get onto it.
Here are a few outputs ;)

The server is reachable on port 21:

Starting Nmap 4.53 ( http://insecure.org ) at 2008-04-02 12:11 CEST
Interesting ports on tunafix.xonet (192.168.3.10):
Not shown: 1710 closed ports
PORT     STATE SERVICE
21/tcp   open  ftp
22/tcp   open  ssh
631/tcp  open  ipp
2001/tcp open  dc

Nmap done: 1 IP address (1 host up) scanned in 0.120 seconds


My proftpd conf:

# This is a basic ProFTPD configuration file (rename it to 
# 'proftpd.conf' for actual use. It establishes a single server
# and a single anonymous login. It assumes that you have a user/group
# "nobody" and "ftp" for normal operation and anonymous access.

#UseIPv6                    	off
ServerName                  	"Experience Online FTP"
ServerType                  	standalone
DeferWelcome        	off
MultilineRFC2228    	on
DefaultServer       	on
ShowSymlinks        	on
TimeoutNoTransfer   	600
TimeoutStalled      	600
TimeoutIdle         	1200
#DisplayLogin       	welcome.msg
#DisplayFirstChdir  	.message
ListOptions         	"-l"
#DenyFilter         	*.*/

TransferLog 	/var/log/proftpd/xferlog
SystemLog   	/var/log/proftpd/proftpd.log

#RequireValidShell  	off
#AuthPAM                            	off
#AuthPAMConfig      	ftp
# Port 21 is the standard FTP port.
Port                        	21

# Umask 022 is a good standard umask to prevent new dirs and files
# from being group and world writable.
Umask                       	022 	022

# To prevent DoS attacks, set the maximum number of child processes
# to 30. If you need to allow more than 30 concurrent connections
# at once, simply increase this value. Note that this ONLY works
# in standalone mode, in inetd mode you should use an inetd server
# that allows you to limit the maximum number of processes per service
# (such as xinetd).
MaxInstances        	10

# Set the user and group under which the server will run.
User                        	proftpd
Group                       	nogroup

# Normally, we want files to be overwriteable.
<Directory />
    	AllowOverwrite      	on
</Directory>

# A basic anonymous configuration, with no upload directories.
#<Anonymous ~ftp>
#   	User                        	ftp
#   	Group                       	ftp
#
#   	# We want clients to be able to login with "anonymous" as well as "ftp".
#   	UserAlias                   	anonymous ftp
#
#   	# Limit the maximum number of anonymous logins.
#   	MaxClients                  	10
#
#   	# We want 'welcome.msg' displayed at login, and '.message' displayed
#   	# in each newly chdired directory.
#   	DisplayLogin                	welcome.msg
#   	DisplayFirstChdir           	.message
#
#   	# Limit WRITE everywhere in the anonymous chroot.
#   	<Limit WRITE>
#           	DenyAll
#   	</Limit>
#</Anonymous>


<IfModule mod_ctrls.c>
ControlsEngine      	on
ControlsMaxClients  	2
ControlsLog         	/var/log/proftpd/controls.log
ControlsInterval    	5
ControlsSocket      	/var/run/proftpd/proftpd.sock
</IfModule>

<IfModule mod_ctrls_admin.c>
AdminControlsEngine on
</IfModule>

SQLAuthTypes	Crypt
SQLAuthenticate users*
SQLConnectInfo  proftpd@tunafix ftp *****
SQLDefaultGID   65534
SQLDefaultUID   65534
SQLMinUserGID   100
SQLMinUserUID   500
SQLUserInfo 	ftpuser username password uid gid homedir shell
SQLLOGFILE  	/var/log/proftpd/proftpd.sql.log


TLSEngine   	on
TLSLog  /var/log/proftpd/tls.log
TLSProtocol 	SSLv23
TLSOptions  	NoCertRequest
TLSRSACertificateFile   /etc/proftpd/ssl/proftpd.cert.pem
TLSRSACertificateKeyFile    	/etc/proftpd/ssl/proftpd.key.pem
TLSVerifyClient off
TLSRequired 	on


Log output:

proftpd.log

Apr 02 13:35:39 tunafix proftpd[1700] tunafix.xonet (asterix.xonet[192.168.2.31]): FTP session closed.


proftpd.sql.log

Apr 02 13:34:51 mod_sql/4.2.2[1695]: defaulting to 'mysql' backend
Apr 02 13:34:51 mod_sql/4.2.2[1695]: backend module 'mod_sql_mysql/4.0.7'
Apr 02 13:34:51 mod_sql/4.2.2[1695]: backend api	'mod_sql_api_v1'
Apr 02 13:34:51 mod_sql/4.2.2[1695]: >>> sql_sess_init
Apr 02 13:34:51 mod_sql/4.2.2[1695]: entering   mysql cmd_defineconnection
Apr 02 13:34:51 mod_sql/4.2.2[1695]:   name: 'default'
Apr 02 13:34:51 mod_sql/4.2.2[1695]:   user: 'ftp'
Apr 02 13:34:51 mod_sql/4.2.2[1695]:   host: 'tunafix'
Apr 02 13:34:51 mod_sql/4.2.2[1695]: 	db: 'proftpd'
Apr 02 13:34:51 mod_sql/4.2.2[1695]:   port: '3306'
Apr 02 13:34:51 mod_sql/4.2.2[1695]:	ttl: '0'
Apr 02 13:34:51 mod_sql/4.2.2[1695]: exiting	mysql cmd_defineconnection
Apr 02 13:34:51 mod_sql/4.2.2[1695]: entering   mysql cmd_open
Apr 02 13:34:51 mod_sql/4.2.2[1695]: exiting	mysql cmd_open
Apr 02 13:34:51 mod_sql/4.2.2[1695]: unrecoverable backend error
Apr 02 13:34:51 mod_sql/4.2.2[1695]: error: '1045'
Apr 02 13:34:51 mod_sql/4.2.2[1695]: message: 'Access denied for user 'ftp'@'localhost' (using password: YES)'


So as I understand it now, the user doesn't have the rights to access MySQL;
however, he should have them:

mysql> show grants for 'ftp'@'tunafix';
+----------------------------------------------------------------------------------------------------------+
| Grants for ftp@tunafix                                                                               	|
+----------------------------------------------------------------------------------------------------------+
| GRANT USAGE ON *.* TO 'ftp'@'tunafix' IDENTIFIED BY PASSWORD '*530DA59A35CE96F7F443A0B0DDA124EDE4EA4A4B' | 
| GRANT ALL PRIVILEGES ON `proftpd`.`ftpuser` TO 'ftp'@'tunafix'                                       	| 
+----------------------------------------------------------------------------------------------------------+
2 rows in set (0.00 sec)

The database is called "proftpd" and the table is called "ftpuser".

I have one more question about all this:
Does the user "ftp" also have to exist on the system?
It should, admittedly:

ftp:x:21:21:added by portage for ftpbase:/home/ftp:/sbin/nologin

but it is not active. Or is the problem somewhere else?

PS: The users are stored in the MySQL database. Do these users also have to exist on the system?

greetz devion

Edit:
If more output is needed, just say so ;)
To mess up a Linux box, you need to work at it; to mess up your Windows box, you just need to work on it.

This post has already been edited 1 time, last by »devion« (03.04.2008, 10:17)
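The mod_sql log above already contains the diagnosis, but it is easy to miss: SQLConnectInfo names the host the client connects *to* ('tunafix'), while the GRANT names the host MySQL sees the client coming *from*, and the error message shows MySQL matched the connection as 'ftp'@'localhost'. Since the only account is 'ftp'@'tunafix', no account row matches and the login is refused before the password is even compared. The following Python script is an added example, not part of the post or of ProFTPD: it parses the posted log excerpt (copied here as constructed sample data) and states that mismatch explicitly. The function names and wording of the verdicts are this example's own.

```python
"""Added example: extract the connection parameters and the MySQL error from
a mod_sql debug log and explain an 'Access denied' (error 1045) failure."""
import re

# Constructed sample: the relevant lines of proftpd.sql.log from the post.
SQL_LOG = """\
Apr 02 13:34:51 mod_sql/4.2.2[1695]: entering   mysql cmd_defineconnection
Apr 02 13:34:51 mod_sql/4.2.2[1695]:   name: 'default'
Apr 02 13:34:51 mod_sql/4.2.2[1695]:   user: 'ftp'
Apr 02 13:34:51 mod_sql/4.2.2[1695]:   host: 'tunafix'
Apr 02 13:34:51 mod_sql/4.2.2[1695]: \tdb: 'proftpd'
Apr 02 13:34:51 mod_sql/4.2.2[1695]:   port: '3306'
Apr 02 13:34:51 mod_sql/4.2.2[1695]: unrecoverable backend error
Apr 02 13:34:51 mod_sql/4.2.2[1695]: error: '1045'
Apr 02 13:34:51 mod_sql/4.2.2[1695]: message: 'Access denied for user 'ftp'@'localhost' (using password: YES)'
"""

# "key: 'value'" lines written by mod_sql (name, user, host, db, port, error, message)
KV_RE = re.compile(r"mod_sql/[\d.]+\[\d+\]:\s*(\w+):\s*'(.*)'\s*$")
# user@host as MySQL reports it in its own error message
DENIED_RE = re.compile(r"Access denied for user '([^']+)'@'([^']+)'")


def parse_sql_log(text):
    """Collect the key: 'value' pairs of a mod_sql session into a dict."""
    fields = {}
    for line in text.splitlines():
        m = KV_RE.search(line)
        if m:
            fields[m.group(1)] = m.group(2)
    return fields


def diagnose(fields, granted_hosts):
    """Explain a MySQL error 1045 given the host parts of the existing
    accounts for that user, e.g. {'tunafix'} from SHOW GRANTS FOR 'ftp'@'tunafix'."""
    if fields.get("error") != "1045":
        return "no access-denied error in log"
    m = DENIED_RE.search(fields.get("message", ""))
    if not m:
        return "error 1045 but message not understood"
    user, seen_as = m.groups()
    if seen_as in granted_hosts:
        # MySQL found a matching account row, so only the credential differs.
        return f"MySQL matched {user}@{seen_as}; the account exists, so the supplied password is wrong"
    # No (user, host) row matches: the password is never compared at all.
    hosts = ", ".join(sorted(granted_hosts))
    return (f"MySQL sees the client as {user}@{seen_as} but the only accounts are "
            f"{user}@{{{hosts}}}; no account matches, so the password is never checked")


if __name__ == "__main__":
    fields = parse_sql_log(SQL_LOG)
    print("connecting to:", f"{fields['user']}@{fields['host']}/{fields['db']}:{fields['port']}")
    print(diagnose(fields, {"tunafix"}))
```

The same script, fed the grant host after the fix in the follow-up post ('localhost'), reports that the account matched, which narrows any remaining failure down to the password itself.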


2

03.04.2008, 10:15

So after some fiddling around I've now managed it.. The server is running :D :D

Actually, not that much was wrong at all. I'll post the mistakes I had ;)

First, the user that was allowed to write to the MySQL database was wrong:

I had: 'ftp'@'tunafix'
The machine was called "tunafix" in this case, but I had to change it to "localhost" (I thought it didn't matter ;) )
I then edited the corresponding entries, and now it works:

mysql:

mysql> show grants for 'ftp'@'localhost';
+------------------------------------------------------------------------------------------------------------+
| Grants for ftp@localhost                                                                               	|
+------------------------------------------------------------------------------------------------------------+
| GRANT USAGE ON *.* TO 'ftp'@'localhost' IDENTIFIED BY PASSWORD '*530DA59A35CE96F7F443A0B0DDA124EDE4EA4A4B' | 
| GRANT ALL PRIVILEGES ON `proftpd`.`ftpuser` TO 'ftp'@'localhost'                                       	| 
+------------------------------------------------------------------------------------------------------------+
2 rows in set (0.00 sec)



Second, I also had 2 errors in proftpd.conf:
TLSRequired on --> should be off
RequireValidShell off, which I had forgotten

The conf now looks as follows:

# This is a basic ProFTPD configuration file (rename it to 
# 'proftpd.conf' for actual use. It establishes a single server
# and a single anonymous login. It assumes that you have a user/group
# "nobody" and "ftp" for normal operation and anonymous access.

#UseIPv6                        off
ServerName                      "Experience Online FTP"
ServerType                      standalone
DeferWelcome            off
MultilineRFC2228        on
DefaultServer           on
ShowSymlinks            on
TimeoutNoTransfer       600
TimeoutStalled          600
TimeoutIdle             1200
#DisplayLogin           welcome.msg
#DisplayFirstChdir      .message
ListOptions             "-l"
#DenyFilter             *.*/
RequireValidShell       off

TransferLog     /var/log/proftpd/xferlog
SystemLog       /var/log/proftpd/proftpd.log

#RequireValidShell      off
#AuthPAM                                off
#AuthPAMConfig          ftp
# Port 21 is the standard FTP port.
Port                            21

# Umask 022 is a good standard umask to prevent new dirs and files
# from being group and world writable.
Umask                           022     022

# To prevent DoS attacks, set the maximum number of child processes
# to 30. If you need to allow more than 30 concurrent connections
# at once, simply increase this value. Note that this ONLY works
# in standalone mode, in inetd mode you should use an inetd server
# that allows you to limit the maximum number of processes per service
# (such as xinetd).
MaxInstances            10

# Set the user and group under which the server will run.
User                            proftpd
Group                           nogroup

# Normally, we want files to be overwriteable.
<Directory />
        AllowOverwrite          on
</Directory>

# A basic anonymous configuration, with no upload directories.
#<Anonymous ~ftp>
#       User                            ftp
#       Group                           ftp
#
#       # We want clients to be able to login with "anonymous" as well as "ftp".
#       UserAlias                       anonymous ftp
#
#       # Limit the maximum number of anonymous logins.
#       MaxClients                      10
#
#       # We want 'welcome.msg' displayed at login, and '.message' displayed
#       # in each newly chdired directory.
#       DisplayLogin                    welcome.msg
#       DisplayFirstChdir               .message
#
#       # Limit WRITE everywhere in the anonymous chroot.
#       <Limit WRITE>
#               DenyAll
#       </Limit>
#</Anonymous>


<IfModule mod_ctrls.c>
ControlsEngine          on
ControlsMaxClients      2
ControlsLog             /var/log/proftpd/controls.log
ControlsInterval        5
ControlsSocket          /var/run/proftpd/proftpd.sock
</IfModule>

<IfModule mod_ctrls_admin.c>
AdminControlsEngine on
</IfModule>

SQLAuthTypes    Crypt
SQLAuthenticate users*
SQLConnectInfo  proftpd@localhost ftp acxsql
SQLDefaultGID   65534
SQLDefaultUID   65534
SQLMinUserGID   100
SQLMinUserUID   500
SQLUserInfo     ftpuser username password uid gid homedir shell
SQLLOGFILE      /var/log/proftpd/proftpd.sql.log


TLSEngine       on
TLSLog  /var/log/proftpd/tls.log
TLSProtocol     SSLv23
TLSOptions      NoCertRequest
TLSRSACertificateFile   /etc/proftpd/ssl/proftpd.cert.pem
TLSRSACertificateKeyFile        /etc/proftpd/ssl/proftpd.key.pem
TLSVerifyClient off
TLSRequired     off