Dear friends here it is the solution to my (strange) question concerning
the way to avoid anonymous ftp user knowing the O.S. to wich they are
connected to. I presume that if they are malicious the knowledge of the
O.S. could later help them to better attack the machine. I MUST say that
dott. Blinn reply, while giving (as usuall) the right technical answer,
states as follows:
As "security" problems go, this is the least of your worries. If hackers
can get as far as the ftp daemon, you're already in trouble.
and that is 200% true!
Anyway, as suggested by Tom Blinn the solution is to edit the
/usr/sbin/ftpd (binary executable file) changing strings as necessary.
It is the first time I edit a binary executable file, and I found out
that not changing the total number of bytes, it is possible to change
strings. I changed the format in wich the unwanted info are written to
sdtout. I changed from format %s into format %d and it works!
In T64 v5.0 ftpd the changes are as follows:
%s FTP server (%s %s) ready.
to
%s FTP server (%d %d) ready.
UNIX Type: L%d Version: %s %sn: %d %de strings are different, but once you
located the strings "server" and "UNIX" you easily see where to change
the formats.
The result in ftp-ing to my server now is as follows:
220 mantegna.casaccia.enea.it FTP server (???????????? 1073751056) ready.
Name (mantegna:root): ftp
331 Guest login ok, send ident as password.
Password:
230 Guest login ok, access restrictions apply.
Remote system type is ????.
ftp> system
215 ???? Type: L8 Version: 1073749176 536870440 (Rev. 536870472)
ftp>
Tom Webster suggested to use wu-ftpd which has improvements respect to
ftpd and ...
... it allows you to specify how much detail is provided in
the connection string:
'greeting full' is the default and shows the hostname and daemon version.
'greeting brief' whose shows the hostname.
'greeting terse' simply says "FTP server ready."
You can also specify your own text for the greeting.
Thanks to
"Dr. Tom Blinn, 603-884-0646" <tpb_at_doctor.zk3.dec.com>
Tom Webster <webster_at_ssdpdc.lgb.cal.boeing.com>
Ciao from Italy,
Emanuele
--
$$$ Emanuele Lombardi
$$$ mail: AMB-GEM-CLIM ENEA Casaccia
$$$ I-00060 S.M. di Galeria (RM) ITALY
$$$ mailto:lele_at_mantegna.casaccia.enea.it
$$$ tel +39 06 30483366 fax +39 06 30483591
$$$
$$$ |||
$$$ \|/ ;_;
$$$ What does a process need | /"\
$$$ to become a daemon ? | \v/
$$$ | |
$$$ - a fork o---/!\---
$$$ | |_|
$$$ | _/ \_
$$$* Contrary to popular belief, UNIX is user friendly.
$$$ It's just very particular about who it makes friends with.
$$$* Computers are not intelligent, but they think they are.
$$$* True programmers never die, they just branch to an odd address
$$$* THIS TRANSMISSION WAS MADE POSSIBLE BY 100% RECYCLED ELECTRONS
Received on Wed Feb 02 2000 - 09:40:43 NZDT