Solved

sublogin in anonymous ftp using user command

Posted on 1998-10-12
6
476 Views
Last Modified: 2013-12-23
With  wu-ftpd,  when  anonymous  users  ftp in  and  try a
sublogin with the "user"  command, they get this  message:
Can't change user from guest login.

Is there a way to allow sublogins for anonymous ftp?

Are there any  security  issues by allowing  sublogins  in
anonymous ftp?.
0
Comment
Question by:dhana
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
6 Comments
 

Author Comment

by:dhana
ID: 1582436
Edited text of question
0
 

Author Comment

by:dhana
ID: 1582437
Expecting the answer?
0
 
LVL 2

Expert Comment

by:squint
ID: 1582438
# man ftpaccess

....

     guestgroup <groupname> [<groupname> ...]
          If a REAL user is a member of any of  <groupname>,  the
          session  is  set  up exactly as with anonymous FTP.  In
          other words, a chroot() is done, and  the  user  is  no
          longer  permitted  to issue the USER and PASS commands.
          <groupname> is a valid group from /etc/group (or  wher-
          ever your getgrent() call looks).

....


0
Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 7

Expert Comment

by:HalldorG
ID: 1582439
ftp -n machine then you can do user after you get the connection
0
 

Author Comment

by:dhana
ID: 1582440
If ftp is invoked with -n option, no other command is executed
in the ftp session. For example,

ftp1:root> ftp -n ftp1
Connected to ftp1.india.hp.com.
220 ftp1.india.hp.com FTP server (Version 1.1.214.2 Tue Nov  3 06:02:05 GMT 1998
) ready.
Remote system type is UNIX.
Using binary mode to transfer files.
ftp> pwd
530 Please login with USER and PASS.

In bove example, the only option is, after entering into the ftp seesion, immediately user has to issue the "user" to command to execute any command.

The user has to execute series of command in the ftp session, and then has to issue the "user" command.
0
 
LVL 1

Accepted Solution

by:
dotand earned 20 total points
ID: 1582441
The restriction against sub-login in guest mode is intended. Itherwise I could login to your server as anonymopus and start using the USER command to attempt cracking your system.
Because I'll allrerady be logged and there is no loggin information that is gathered and examined dynamically I'll be set to break your system.

Better that you stick to the old method of letting the users login as usual. If you fear for people grabbing the passwords over the net move to a one time password system or use encrypted connections.

If you will give moire information maybe somebody can tailor a solution to your particular ituation.

HTH,
Dotan
 
0

Featured Post

Connect further...control easier

With the ATEN CE624, you can now enjoy a high-quality visual experience powered by HDBaseT technology and the convenience of a single Cat6 cable to transmit uncompressed video with zero latency and multi-streaming for dual-view applications where remote access is required.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
SSH setup on ASA 5505 17 125
hsrp tracking 2 64
Reconfigure Corporate IP Address Scheme 2 61
Wireless router under network , where it from connected to my windows ? 10 64
Short answer to this question: there is no effective WiFi manager in iOS devices as seen in Windows WiFi or Macbook OSx WiFi management, but this article will try and provide some amicable solutions to better suite your needs.
For many of us, the  holiday season kindles the natural urge to give back to our friends, family members and communities. While it's easy for friends to notice the impact of such deeds, understanding the contributions of businesses and enterprises i…
Internet Business Fax to Email Made Easy - With  eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, f…
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…

739 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question