Help my, please.I cant control ftpd.

[russfaner]

Help my, please. I have Mac OS Server 10.1.1. I have problem: I cant control ftpd. Commands ftpd, ftpaccess, ftpwho -
-------------------------
[localhost:~] andrey% ftpaccess
ftpaccess: Command not found.
[localhost:~] andrey% ftpwho
ftpwho: Command not found.
[localhost:~] andrey%

I dont know what do

 

[Jadey]

Launch Terminal (Applications -> Utilities -> Terminal) and type: man ftpd

This will give you the options to control the ftpd server. Doesn't Mac OS X server have a GUI interface to admin everything though?

 

[billbaloney]

I highly recommend ProFTPD for OS X servers. It's highly robust and highly configurable. It installs easily on OS X server. The site's documentation can be confusing, but all the information you need to control and fine tune user and group access is available there.

 

[dne]

I can't seem to change any of the default setup in the ftpd command. I've noticed that the command is located in /usr/libexec which prevents it from being called normally. Because of its location i have to specify the directories it is listed under in order to call it.

For example, I would like to enable logging of anonymous ftp transfers with the '-S' option. My roommate and I share files this way often, but nothing appears in the '/var/log/ftpd' log.


Just a thought: does root have to enable such an option? if so, that MAY be where I went wrong.

 

[dne]

i have NetBarrier running as my firewall. don't know if that has anything to do with it

 

[billbaloney]

You need to edit /etc/inetd.conf, which controls the inetd server, which is (by default) what is receiving requests for FTP connections and starting up instances of ftpd.

If you look at that file (you'll have to edit it as root), you'll see an entry for ftp, looking something like this:

ftp stream tcp nowait root /usr/libexec/tcpd /path-to/ftpd

The last column represents the actual command that inetd calls when it receives an FTP request. This should be changed to '/path-to/ftpd -S', or however you want to call it.

Once this is changed, you need to kill inetd (again, as root) and restart it (as root). Write back if this process isn't clear to you.

Matt

 

[dne]

i only editted the last part of the ftp line in the inetd.conf file. it was"ftpd -l" and I changed it to "/usr/libexec/ftpd -llS"....please help

 

[billbaloney]

The entry in the last column should be "/usr/libexec/ftpd -lS".

Now you need to restart inetd -- I can't tell from your entry whether or not you did that successfully. To do this:

ps -agx | grep inetd

-- This will give you a process number in the first column, something like this:

245 ?? Ss 0:00.00 inetd

Now, as root, do this:

kill 245

Now, again as root, do this:

inetd

Give it a shot now.

 

[billbaloney]

Whoops -- I missed those double-l's!

Again, proftpd will allow you a lot more flexibility with all of these configuration details if you ever have time to go through the process of installing it on your system.

Matt

 

[Fahrvergnuugen]

Good info here. Someone should turn this into a How-To

 

[theDarwinian]

 

 

[dne]

one quick question. how do i set the frequency for the logs to archive as gzip files?


a quick note!
i got hacked. My roomate on a PC (I know, I know) found the error when a '. ' {yes that is a 'dot' 'space'} directory was created.

the entire sub-dir was rooted in the ftp folder and chrooted THANK GOD.

the way they did it was by calling all of the sub-dir's something that specifies another directory or is some cases '+' and '-' signs. pure craziness. If you are having similar problems just use a \ before each character you type. the \ takes the next character as literal.
Example:

Type
'cd \.\. ' and YES, there is a <space> after the second '.'

Instead of
cd ..[\COLOR]


hope everyone understands. if not write back and I or someone will probably explain for you.

Below is the directory listing they used to make it difficult to navigate
/uploads/.. /. /com1 /.. /from /~ /.. /-+DPi+- /




Hope this helps someone. Anybody know the name of this hack? if you want to call it a hack I suppose.

 

[lethe]

you can hardly call it a hack if you have anonymous ftp enabled. when you give the whole world (write) access to your machine, you can expect someone sooner or later will take you up on your offer. just because she hid her directory from you buy giving it a cryptic name that the shell will interpret doesn t make it a hack. it is as if you left your front door not only unlocked, but standing wide open, and you live on the busiest super-highway on the planet. i suppose it is not nice for strangers to come into your house, but it s hardly breaking and entering. you can t call such a person a cracker (let alone a hacker!) this sort of thing used to happen to me all the time. i used to just delete those directories on a regular basis. anonymous ftp is a nice way to trade files, but this is the price you pay.


if you don t want this to happen, either make your anonymous ftp access read only, or else install a firewall on your network. a firewall on your machine won t do anything, because it still has to leave the ftp port open, unless you configure it to, for example, only allow ftp traffic from your roommates computer.

 

[Fahrvergnuugen]

Yeah, I wouldn't call that a hack either...someone just wrote a bizzare directory name to your system

On my machine the incoming folder is write only [for the anonymous ftp user] so once they put something there, they can't download it or ever see it again. That way all I have to do is clean out the garbage once in a while.

It's weird...I think there are like anonymous ftp bots that go out and test servers to see if they can find one that they can write to then read from. I see these "1mb test" or "256k test" files all the time.

At any rate, its very hand to have this information. Good post!