Security Incidents: Re: ano () ano com ftpd dip.t-dialin.net

Nmap Security Scanner

Intro

Ref Guide

Install Guide

Download

Changelog

Book

Docs
Security Lists

Bugtraq

Basics

More
Security Tools

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Security Incidents mailing list archives

Re: ano () ano com ftpd dip.t-dialin.net

From: "Ralf G. R. Bergs" <rabe () RWTH-Aachen DE>
Date: Thu, 07 Nov 2002 08:54:47 +0100

On Wed, 06 Nov 2002 16:50:13 -0500, Owen McCusker wrote:

[...]

Has anyone else seen this type of activity from dip.t-dialin.net
or dipsters for short. ;-)?


Sure, I see it all day.

What they're trying to achieve is determine whether you have an "open" FTP 
server which allows them to store "warez" and download them again.

A simple countermeasure against this is to give files that are uploaded to your 
"incoming" directory permissions so that anonymous users can't access them 
anymore. You can even prohibit them from reading the directory's contents so 
that they don't even see which files are stored inside the directory.


-- 
   L I N U X       .~.
  The  Choice      /V\
   of a  GNU      /( )\
  Generation      ^^-^^



----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management 
and tracking system please see: http://aris.securityfocus.com

By Date By Thread

Current thread:

ano () ano com ftpd dip.t-dialin.net Owen McCusker (Nov 06)
- Re: ano () ano com ftpd dip.t-dialin.net Ralf G. R. Bergs (Nov 07)
  - Re: ano () ano com ftpd dip.t-dialin.net Rainer Duffner (Nov 07)
  - Re: ano () ano com ftpd dip.t-dialin.net Dave Laird (Nov 07)
    - Re: ano () ano com ftpd dip.t-dialin.net TOK (Nov 08)
    - RE: ano () ano com ftpd dip.t-dialin.net David Gillett (Nov 08)
- Re: ano () ano com ftpd dip.t-dialin.net Skip Carter (Nov 07)