Disable anonymous ftp in Solaris 10

Similar Messages

• Disabling anonymous ftp access

  We have just completed a 9iFS install. The previous version of iFS was 1.1.6. We were having problems with anonymous logins (people were dumping garbage in our public folder) and we disabled anonymous FTP by changing the guest password (we also changed it in the IFSDavServletParameters.properties file and modified the ftpserver.def file by setting AnonymousPoolSize = 0 and AllowAnonymousConnections = false. We would like to do the same with 9iFS but these files no longer exist or have been renamed. What are the equivalent files in 9iFS or how else can we go about disabling anonymous logins?
  N

  Hi Siva,
  Yes the SLD and UME is already configured.
  Regards,
  Anupama

• Anonymous ftp access

  We have just completed a 9iFS install. The previous version of iFS was 1.1.6. We were having problems with anonymous logins (people were dumping garbage in our public folder) and we disabled anonymous FTP by changing the guest password (we also changed it in the IFSDavServletParameters.properties file and modified the ftpserver.def file by setting AnonymousPoolSize = 0 and AllowAnonymousConnections = false. We would like to do the same with 9iFS but these files no longer exist or have been renamed. What are the equivalent files in 9iFS or how else can we go about disabling anonymous logins?
  N

  I understand what you're specifically asking for, but could you provide some background on what specific requirement(s) you are seeking to resolve -- the requirement(s) here, and not the proposed solution here using ftp.
  Are you are familiar with ftp attacks, if this is an open Internet site? Open ftp servers are malware magnets.
  If you're trying to avoid having specific (known) users specify authentication, then there are ways to do that. Not the least of which is sftp with the public keys shared. There are other approaches, such as uploads via http-based sites.

• Anonymous ftp does not list directory - Solaris 9

  I've got 2 Solaris 9 systems set up for anonymous ftp access. One will show a directory listing, the other won't. AFAIK, I set them up the same, and the ftpd binaries have the same checksum. Anyone know how to permit the directory listing?
  By directory listing, I mean either the '"dir" command in a command-line session or via a browser (e.g., ftp://ftpserver.whatever.domain)
  Baffling behavior, and I can't find anything in Sun's docs to explain.
  Thanks.

  This is exactly the same question which you posted in this thread:
  ldd on my library (sample.so) fails to resolve SUNW_1.9.1 version of libnsl
  Please don't post the same question twice

• Anonymous ftp

  I'm runing a solaris 8 on a ultra 5. I want to create an anonymous ftp server can some one tells me the steps on hot ot do it or if they have a web site where they show ho to to create one?

  several web sites can apply... btw, you should have posted this to the sysop area as you've said in your post you've got solaris 8...
  a quick search of google
  anonymous ftp solaris setup
  yielded...
  http://www.dbaoncall.net/references/ht_setup_ftp.html
  http://stone.backrush.com/sunfaq/lmh032.html
  You may also want to look at a hardened approach and check for how to setup a chroot environment on solaris (there was a post a week or two back with this question)
  hth

• How to start ftp under solaris 10

  Hi,
  if I try to enable ftp under Solaris 10, I get the message "unsatisfied dependencies":
  root@u015ad2a:.../>svcadm -v enable -rst svc:/network/ftp:default
  svc:/network/ftp:default temporarily enabled.
  svc:/network/inetd:default temporarily enabled.
  svc:/network/loopback temporarily enabled.
  svc:/system/filesystem/local temporarily enabled.
  svc:/milestone/single-user temporarily enabled.
  svc:/system/identity:node temporarily enabled.
  svc:/system/filesystem/minimal temporarily enabled.
  svc:/system/filesystem/usr temporarily enabled.
  svc:/system/filesystem/root temporarily enabled.
  svc:/system/device/local temporarily enabled.
  svc:/milestone/devices temporarily enabled.
  svc:/system/manifest-import temporarily enabled.
  svc:/milestone/sysconfig temporarily enabled.
  svc:/milestone/name-services temporarily enabled.
  svcadm: Instance "svc:/network/ftp:default" has unsatisfied dependencies.
  root@u015ad2a:.../>svcs svc:/network/ftp:default
  STATE STIME FMRI
  uninitialized 9:40:09 svc:/network/ftp:default
  How can I enable ftp?

  This looks sort of like what happened to me just now. I tried svcs -x
  and got:
  # svcs -x
  svc:/network/rpc/gss:default (Generic Security Service)
  State: uninitialized since Mon Apr 18 13:01:12 2005
  Reason: Restarter svc:/network/inetd:default has not initialized service state.
  See: http://sun.com/msg/SMF-8000-4D
  See: gssd(1M)
  Impact: 10 dependent services are not running. (Use -v for list.)
  svc:/network/service:default (layered network services)
  State: offline since Mon Apr 18 13:01:29 2005
  Reason: Start method is running.
  See: http://sun.com/msg/SMF-8000-C4
  See: ifconfig(1M)
  See: /var/svc/log/network-service:default.log
  Impact: 4 dependent services are not running. (Use -v for list.)
  svc:/application/print/server:default (LP print server)
  State: disabled since Mon Apr 18 13:01:12 2005
  Reason: Disabled by an administrator.
  See: http://sun.com/msg/SMF-8000-05
  See: lpsched(1M)
  Impact: 1 dependent service is not running. (Use -v for list.)
  I tried all kinds of things to get gss to run, but I finally realized that
  it was really ifconfig that was the problem. The system has two
  network interfaces, and during installation I gave both of them
  a name. However, hme1 was not really connected to anything.
  All I did to get it to work was
  # cd /etc
  # mv hostname.hme1 no.hme1
  After that, I rebooted, and everything came up OK. I don't know
  if the original problem was the same, but this solved my problem.

• Anonymous ftp configuration

  Hi,
  I'm trying to set up an anonymous ftp server on an Ultra 10 running solaris 8 and am having massive amounts of problems. I did download wu-ftp found on http://www.sunfreeware.com and I installed it but now cannot find the binary executables. I followed the man pages for ftpd and encoutered that it said that even though anonymous worked and had a home directory of / but couldn't see any files or cd into any sub directory.
  Any help would be very helpfull!
  Thank you,
  Cindy Herzberg
  University of Detroit Mercy

  Read these first:
  http://www.cert.org/techtips/anonymous_ftpconfig.html
  http://www.cert.org/techtips/anonymous_ftpabuses.html
  Create the user in NetInfo Manager. Create the directories and assign permissions in Terminal.

• Questions for anonymous ftp

  I installed Solaris 9 on Sun blade 100 and I can use ftp by entering my login account and password set up on this machine. But I can't use anonymous ftp by using "anonymous" and my email address as password. The system reports ftp login failed.
  Today I setup the anonymous ftp by running the command:
  /usr/sbin/ftpconfig /var/tmp where ftpconfig is a shell script for setting up anonymous ftp. ( see more details with "man ftpconfig").
  Now I can anonymous login and I can see the files under /var/tmp (now is the / for anomymous ftp). However , when I want to get the file by "get file1", it gave me the error "/file1 is marked unretrievable"; when I issue "put file2", I got the error "file2: Permission denied on server. (Upload)".
  We are using NIS+ and any hint?
  THX!

  Take a look at your /etc/ftpd/ftpaccess file. Particularly these lines:
  noretrieve relative class=anonusers /
  allow-retrieve relative class=anonusers /pub
  upload class=anonusers * * no nodirs
  # upload class=anonusers * /incoming yes ftpadm ftpadm 0440 nodirs
  The first pair is your "file1 is marked unretrievable" error. The second two relate to your inability to write files.
  Daryl

• Can't get Anonymous FTP folder to work

  According to this Apple doc you can set up a folder for anonymous FTP users. But when I add the "uploads" folder to my ftp root directory, which was relocatd as mentioned bellow. It doesn't seem to work. Anonymous users are sent directly to the ftp root folder rather then the uploads folder. So they can see all my files. I want Anonymous users to only be able to see anonymous user files, not all the ftp files.
  Any thoughts?
  Greg
  http://docs.info.apple.com/article.html?path=ServerAdmin/10.4/en/c6fs20.html
  Server Admin 10.4 Help
  Creating an FTP Uploads Folder for Anonymous Users
  The uploads folder provides a place for anonymous users to upload files to the FTP server. It must exist at the top level of the FTP root directory and be named "uploads." (If you have changed the FTP root directory, then the uploads folder must be at the root of that directory.)
  Use the Finder to create a folder named "uploads" at the top level of your server's FTP root directory.
  Set privileges for the folder to allow guest users to write to it.
  You can set up an FTP upload directory using the mkdir and chmod commands in Terminal. For more information, see the file services chapter of the command-line administration guide.

  Greg,
  can you show us the "upload" directory permissions?
  Also, have you restarted your ftp server?
  Mihalis.

• Anonymous FTP User created by the system lacks the user name

  I'm experiencing some problems and inconsistencies in the Mac OS X Server 10.4.7 FTP service.
  First I'll report this behaviour to evaluate if it's worth a bug report.
  I read in the that the user with user name 'Anonymous FTP User" and short name 'ftp' is created by the system the first time the FTP server is accessed using an anonymous user.
  I noticed that the user is indeed created but its user name field is empty. It doesn't have the associated LDAP record, too.
  If I try to manually create a user with an empty user name field WGM errors, so could this be considered a bug?
  PowerBook G4 867MHz 12,1"   Mac OS X (10.4.7)  

  Hi
  Using NFS u can write the file in XI directories only not on other system
  If u want to write in other System (ECC in u r case) u shud use FTP protocol.
  NFS ===> xi local path
  other path ==> use FTP protocol
  thx
  srini

• Disable CPU core in Solaris 10

  Hi,
  can anybody help me to disable cpu core in solaris 10. my server is Sparc T4-1 server (1 physical processor with 8 core 64 threads). I am able to disable threads using psradm, but not sure about disabling core.
  thanks
  Sajith.P.V

  You can disable a single core in solaris using "psradm -f <cpu id>"
  man page for psradm
  The psradm utility changes the operational status of proces-
  sors. The legal states for the processor are on-line, off-
  line, spare, faulted, and no-intr.
  An on-line processor processes LWPs (lightweight processes)
  and can be interrupted by I/O devices in the system.
  An off-line processor does not process any LWPs. Usually, an
  off-line processor is not interruptible by I/O devices in
  the system. On some processors or under certain conditions,
  it might not be possible to disable interrupts for an off-
  line processor. Thus, the actual effect of being off-line
  might vary from machine to machine.
  A spare processor does not process any LWPs. A spare proces-
  sor can be brought on-line, off-line or to no-intr by a
  privileged user of the system or by the kernel in response
  to changes in the system state.
  Example 1 Setting Processors to off-line
  The following example sets processors 2 and 3 off-line:
  % psradm -f 2 3
  Example 2 Setting Processors to no-intr
  The following example sets processors 1 and 2 no-intr:
  % psradm -i 1 2
  Example 3 Setting Processors to spare
  The following example sets processors 1 and 2 spare, even if
  either of the processors was in the faulted state:
  % psradm -F -s 1 2
  Example 4 Setting All Processors on-line
  % psradm -a -n
  Example 5 Forcing Processors to off-line
  The following example sets processors 1 and 2 offline, and
  revokes the processor bindings from the processes bound to
  them:
  % psradm -F -f 1 2

• How do I disable NFS client in Solaris 10

  I am trying to disable NFS client in Solaris 10. In Solaris 9 I would simply rename /etc/rc2.d/S73nfs.client to /etc/rc2.d/s73nfs.client
  Since /etc/rc2.d/nfs.client does not seem to exist in 10 I'm wondering how to do this.
  Thanks in advance for the help.
  Max

  Since /etc/rc2.d/nfs.client does not seem to exist in
  10 I'm wondering how to do this.Read up on the new Solaris 10 service management faciities. Info at http://docs.sun.com/ There are a couple of tutorial doc's at bigadmin

• How to disable role password in Solaris 11

  Roles can only be assumed by logged in users. That is the definition of a role. Therefore role authentication is to some extent double authentication. The user has already authenticated as himself when he logged in and the sysadmin has enough trust in him to grant him a certain role. So why would he need to authenticate to the role? Isn't that double authentication ? Anyway I can see why that makes sense on a role like 'root' but on other more normal types of roles ? Really?
  Anyway that is not what this posting is about. It is about me not being able to figure out how to disable role password in Oracle 11.
  In Solaris 10 I would do:
  <pre>passwd -r files -d myrole</pre>
  That would set the myrole account to a no password account and that would be enough to disable it.
  In Solaris 11 I cannot make this work. I suspect this is because of the introduction of the roleauth attribute but I've tried all possible combinations:
  <pre>passwd -r files -d myrole</pre>
  <pre>rolemod -K roleauth=user myrole</pre>
  or
  <pre>passwd -r files -d myrole</pre>
  <pre>rolemod -K roleauth=role myrole</pre>
  Can't make any of these work.
  Pls help.

  Hello MrMonza,
  I do not completely understand what you are looking for. Perhaps it would help if you explained, for which purpose you want to use your new role.
  In short, a role is simply a user account, to which you cannot login directly. As to every user account, rights are assigned to each role. And as for every user account, you have to provide a password for it.
  If you want to switch to a role without password, this is nearly the same as extending the rights of your account.
  This is possible by assigning additional profiles to it via /etc/user_attr. Privileged commands, written by you, and connected to these profiles, can be defined in /etc/security/exec_attr.d/local-entries. These commands can be called via pfexec, see pfexec(1), which grants privileges (e.g. uid=0) for just the call.
  See also user_attr(4), prof_attr(4), exec_attr(4) and the "SEE ALSO" sections in there.
  Profiles can be chosen from the predefined profiles in /etc/security/prof_attr.d, or they can be self-assembled from these profiles and authorizations from /etc/security/auth_attr.d.
  New profiles should be stored in /etc/security/prof_attr.d/local-entries.

• Setting Up Anonymous FTP

  I'm filling in for a sick colleague, so some things are already set and shouldn't be changed.
  FTP is already set for Home Directory Only. I need to add an ftp download point for anonymous users. For instance in ServerHD:WebSites:SiteA:Files, I want to provide guest access to the Files folder. The ftp root folder is inside the WebSites folder.
  When I Enable Anonymous Access, all other ftp sites are visible via ftp clients. Is this unavoidable?
  Secondly, how do I determine the ftp address of a file such as ServerHD:WebSites:SiteA:Files?
  Thanks in advance for any help or suggestions.

  When I Enable Anonymous Access, all other ftp sites
  are visible via ftp clients. Is this unavoidable?
  Anonymous ftp appears to be a disappointing shortcoming of OS X Server.
  I resolved the issue by going to http downloads in this scenario.

• E4200 - Anonymous ftp server read and write

  Hello,
  Is there any possibility to set linksys E4200 for support anonymous acces to ftp server in read and write mode ?
  Thanks,
  BR, Mariusz.

  Nope, just anonymous read access only, according to the options they give you. 192.168.1.1--->storage--->administration----> anonymous FTP access (enabled)
  I don't work for Cisco. I'm just here to help.