Solved

FTP Linux server accessed from web browser

Posted on 1997-08-29
8
328 Views
Last Modified: 2013-12-23
My FTP server works fine in general except when someone access it with a graphical web browser (instead of the normal ftp command). In this case, the contents of directories are not listed despite you can download the files if you know the full path&name.
 
If you want to take a look at it, the anonymous FTP server name is
      nikolai.ija.csic.es
You would see that accessing it with the command
      ftp nikolai.ija.csic.es
you can do ls, get, cd, etc, while accessing it with a web browser (netscape) to the address ftp://nikolai.ija.csic.es/ no directory tree will appear.
 
I really can't manage with this trouble. I took a look at ftpaccess but didn't know what to do. Permisions in FTP home are read for everybody.  :-(

Any help will be great!
Thanks
0
Comment
Question by:dgarcia
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
8 Comments
 

Expert Comment

by:bkc
ID: 1582365
I logged into your system as an anonymous user with a command-line FTP client.

a LIST command produces NO OUTPUT.

I suspect that you do not have the directory ownership set correctly on your server.

/etc/ftpaccess controls only part of the security aspects.

The directory rights are also only part of the issue. You said everyone has read access, but if the 'owner' or 'group' do not
have read access, and the 'anonymous user' is the owner or in the group, the rights you've assigned to 'everyone' will not apply
to the anonymous user.


0
 
LVL 2

Accepted Solution

by:
nicademus earned 100 total points
ID: 1582366
Do the following, based around what bkc has said...I have tried to log in, but it is very slow, I also could not get a list from either Netscape or ftp....


cd /home
ls -lR ftp | more
look through the directory structure and verify that all the files are owned by root
change the ftp user's shell to /bin/false, because the user does not nee a shell to log in:

chsh ftp
Changing shell fot ftp.
New Shell [/bin/true]: /bin/false
You will get a warning...ignore it.

Now....change the ftp permission setting...
chmod 555 ~ftp

change the settings on ~ftp/bin and ~ftp/etc to 111, and the contents of ~ftp/bin also.

chmod 111 ~ftp/etc
chmod 111 ~ftp/bin
chmod 111 ~ftp/bin/*

now...
chmod 444 ~ftp/etc/*
chmod 555 ~ftp/pub
chmod 555 ~ftp/usr
chmod 555 ~ftp/lib
chmod 1733 ~ftp/incoming

if you don't already have a couple of files in the /home/ftp directory called .rhosts and .forward do the following...
touch ~ftp/.rhosts
touch ~ftp/.forward
chmod 400 ~ftp/.rhosts
chmod 400 ~ftp/.forward


Well all should work, but you also have to make sure that your FTPD is appropriately set up and running anyway.

I have attemtped to FTP a file to your incomign directory, which is the ftpaccess file which resides in your /etc directory, have a look at it and see if it is similar to yours.  If you cannot see it, try getting it from   ftp://mdm-209.quantum.net.au/pub/ftpaccess


Nica...
0
 

Expert Comment

by:hotlava
ID: 1582367
Your ftp daemon does not allow passive mode.  Enabling this could well be worth a try.
0
Simple, centralized multimedia control

Watch and learn to see how ATEN provided an easy and effective way for three jointly-owned pubs to control the 60 televisions located across their three venues utilizing the ATEN Control System, Modular Matrix Switch and HDBaseT extenders.

 

Author Comment

by:dgarcia
ID: 1582368
To Nicademus:
Thanks a lot before starting. Despite your question was very well exposed, I'm still trying. My ftpaccess seems to be ok (same as yours but changing the directory names in it). I have two doubts:
1) does the ftp directory tree have to be owned by root (as you said) or could it also be owned by ftp. Anyway, i tried both possibilities and nothing changed.
2) What do you mean with "make sure that your FTPD is appropriately set up".
 
To everybody:
1) What does it mean and how can I switch on the "passive ftp mode".
2) Somebody said that i should put a copy of the 'ls' command in my ftp/bin/. Is it necessary? Anyway, I also tried that and still it didn't work.

Sense of humour is the last thing to loose.  )8-D
0
 
LVL 2

Expert Comment

by:nicademus
ID: 1582369
We'll get back to you...funny man....=)  I gotta think back as to why mine wasn't working some time back, when I first installed this Slakware CD set....
0
 

Author Comment

by:dgarcia
ID: 1582370
Still, I want to insist in the fact that *sometimes* you can do an ls when connecting via the manual ftp command. Examples:

1) from another AIX terminal to which i have access, you can connect and do 'ls', but you can't do 'ls -l' or 'dir' (you don't have an error, but there is no output except "PORT command successful; Opening ASCII...; Transfer complete.").

2) from the same AIX-IBM machine but connected as a local user of my problematic linux server (not as 'anonymous') you CAN do 'ls', 'ls -l' (with the same output as entered from the command line ls), 'dir' & whatever.  

3) from the linux server itself, you can connect as anonymous to the ftp server but there is no way to do neither ls NOR ls -l NOR dir.

etc...

I start to think about reviewing the difficulty rate of this question.

If you prefer e-mail contact: dgarcia@ija.csic.es
0
 

Author Comment

by:dgarcia
ID: 1582371
Still, I want to insist in the fact that *sometimes* you can do an ls when connecting via the manual ftp command. Examples:

1) from another AIX terminal to which i have access, you can connect and do 'ls', but you can't do 'ls -l' or 'dir' (you don't have an error, but there is no output except "PORT command successful; Opening ASCII...; Transfer complete.").

2) from the same AIX-IBM machine but connected as a local user of my problematic linux server (not as 'anonymous') you CAN do 'ls', 'ls -l' (with the same output as entered from the command line ls), 'dir' & whatever.  

3) from the linux server itself, you can connect as anonymous to the ftp server but there is no way to do neither ls NOR ls -l NOR dir.

etc...

I start to think about reviewing the difficulty rate of this question.

If you prefer e-mail contact: dgarcia@ija.csic.es
0
 

Author Comment

by:dgarcia
ID: 1582372
hotlava, how do i "enable the passive mode" of my ftp deamon?
0

Featured Post

Don't Cry: How Liquid Web is Ensuring Security

WannaCry is just the start. Read how Liquid Web is protecting itself and its customers against new threats.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

If you're not part of the solution, you're part of the problem.   Tips on how to secure IoT devices, even the dumbest ones, so they can't be used as part of a DDoS botnet.  Use PRTG Network Monitor as one of the building blocks, to detect unusual…
In this article, I am going to show you how to simulate a multi-site Lab environment on a single Hyper-V host. I use this method successfully in my own lab to simulate three fully routed global AD Sites on a Windows 10 Hyper-V host.
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…
NetCrunch network monitor is a highly extensive platform for network monitoring and alert generation. In this video you'll see a live demo of NetCrunch with most notable features explained in a walk-through manner. You'll also get to know the philos…
Suggested Courses
Course of the Month7 days, 5 hours left to enroll

623 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question