Determin which FTP server is running and turn off non secure FTP
Taylor, Kaia
Kaia.Taylor at schwab.com
Sun Jun 27 14:19:47 MST 2010
Hi Keith,
I'm glad your problem was solved!
Hi Dan,
I do agree that iptables is awesome to stop all that traffic, including
other packages that may be installed in the future, so extra bonus
there!
I noticed this small difference in how I would implement the iptables
command:
Using -A adds the new rule to the end of the INPUT chain. If there's
already a rule in INPUT that would match and ACCEPT, then adding that
rule to the end would be useless because iptables would never get to
that line to drop all port 21. By using -I (to insert it at the top)
instead of -A, this problem is completely avoided:
iptables -A INPUT -p tcp --dport 21 -j REJECT
changes to:
iptables -I INPUT -p tcp --dport 21 -j REJECT
Regards,
Kaia Taylor
DevSA group -- tis-dco-devsa - jumpword devsa
http://dco-sps.schwab.com/sites/devsa/welcome
<http://dco-sps.schwab.com/sites/devsa/welcome> desk 602-977-5157 pager
6025785439 at vtext.com or white pages
<blocked::http://wp.schwab.com/pogo/searchpopup.do?applicationFrom=OTHER
S&searchOn=LAST_FIRST_ATTR&searchValue=Taylor, kaia> All e-mail sent to
or from this address will be received by the Charles Schwab corporate
e-mail system and is subject to archival and review by someone other
than the recipient.
________________________________
From: plug-discuss-bounces at lists.plug.phoenix.az.us
[mailto:plug-discuss-bounces at lists.plug.phoenix.az.us] On Behalf Of Dan
Dubovik
Sent: Wednesday, June 23, 2010 7:28 PM
To: Main PLUG discussion list
Subject: Re: Determin which FTP server is running and turn off non
secure FTP
FTP control channel is on port 21, data is on 20 (for active ftp). SFTP
uses the SSH daemon, so runs on port 22.
It has been my experience that the pure-ftpd init script is far from
graceful, as Eric pointed out, the error that was given likely means
that the service wasn't running. That, or it just couldn't find the pid
file.
lsof -i :21 will tell you the process (with pid) that is listening on
port 21. You can then kill that process. Provided you have also used
chkconfig to disable the service on startup, it will then effectively be
stopped from running. The rpm -e or yum remove commands listed above
will make doubly sure that the service won't be started up again on the
server. Additionally, you could use iptables to disable any connection
to port 21 on the server :
/sbin/iptables -A INPUT -p tcp --dport 21 -j REJECT
I think that should stop incoming connections on the port.
-- Dan.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.PLUG.phoenix.az.us/pipermail/plug-discuss/attachments/20100627/76518a9f/attachment.html>
More information about the PLUG-discuss
mailing list