/usr/lib/tiger/doc/anonftp.html is in tiger 1:3.2.3-14.
This file is owned by root:root, with mode 0o644.
The actual contents of the file can be viewed below.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194 195 196 197 198 199 200 201 202 203 204 205 206 207 208 209 210 211 212 213 214 215 216 217 218 219 220 221 222 223 224 225 226 227 228 229 230 231 232 233 234 235 236 237 238 239 240 241 242 243 244 245 246 247 248 249 250 251 252 253 254 255 256 257 258 259 260 261 262 263 264 265 266 267 268 269 | <HR><PRE>
</PRE><HR>
<CENTER><H2> Documents for anonftp</H2></CENTER>
<A NAME="ftp001i"><P><B>Code [ftp001i]</B><P>
There doesn't appear to be an anonymous ftp setup on this machine,
and hence there is nothing to check.
<PRE>
</PRE><HR>
<A NAME="ftp002a"><P><B>Code [ftp002a]</B><P>
There is a .rhosts file in the top level of the anonymous ftp
directory. This can allow unauthorized 'rlogin's or 'rsh's to
occur to the ftp account. This indicates a possible intrusion.
The contents of the file are listed immediately following the message.
The machine should be checked for other signs of intrusion and should
be cleaned up. The .rhosts file should be removed.
<PRE>
</PRE><HR>
<A NAME="ftp003w"><P><B>Code [ftp003w]</B><P>
The etc/passwd file in the anonymous ftp directory appears to
contain valid entries in the password field. If these are valid,
then the file can be retrieved and a password cracking program
run against it. The etc/passwd file in the anonymous ftp directory
should simply have a '*' in the password field, and should only
include entries for the 'ftp' and 'root' accounts.
<P>
See CERT advisory CA-93:10 for information on setting up an anonymous
FTP server.
<PRE>
</PRE><HR>
<A NAME="ftp004w"><P><B>Code [ftp004w]</B><P>
Anonymous ftp appears to be setup on this machine, but the directory
field in the password field is empty. This exposes the entire machine
to anonymous users, allowing them to browse looking for security
problems. A specific (not /) directory should be specified.
<P>
See CERT advisory CA-93:10 for information on setting up an anonymous
FTP server.
<PRE>
</PRE><HR>
<A NAME="ftp005f"><P><B>Code [ftp005f]</B><P>
The anonymous ftp directory is set to the root directory (/). This
exposes the entire machine to anonymous users, allowing them to browse
looking for security problems. The directory should be set to a
hierarchy that doesn't allow access to system or user files.
<P>
See CERT advisory CA-93:10 for information on setting up an anonymous
FTP server.
<PRE>
</PRE><HR>
<A NAME="ftp006w"><P><B>Code [ftp006w]</B><P>
Anonymous ftp appears to be setup, but the directory indicated as
the ftp directory does not exist. This indicates either a misconfiguration
or an old setup. This should be corrected by either correcting the
directory name, or deleting the ftp account.
<P>
See CERT advisory CA-93:10 for information on setting up an anonymous
FTP server.
<PRE>
</PRE><HR>
<A NAME="ftp007f"><P><B>Code [ftp007f]</B><P>
The indicated file is owned by the 'ftp' account and is writable. This
may allow unauthorized access to the machine. The indicated file should
be owned by 'root' and not writable by group or world.
<P>
See CERT advisory CA-93:10 for information on setting up an anonymous
FTP server.
<PRE>
</PRE><HR>
<A NAME="ftp007w"><P><B>Code [ftp007w]</B><P>
The indicated file is owned by the 'ftp' account and is writable. This
allows anonymous ftp users to modify this file, possibly compromising
the system. The indicated file should be owned by 'root' and not writable
by group or world.
<P>
See CERT advisory CA-93:10 for information on setting up an anonymous
FTP server.
<PRE>
</PRE><HR>
<A NAME="ftp008f"><P><B>Code [ftp008f]</B><P>
The indicated file is owned by the 'ftp' account, but is not currently
writable. Since it is often possible to change the permissions through
ftp, it may still be possible to modify the file, possibly allowing
an intruder to gain unauthorized access. The indicated file should
be owned by 'root' and not writable by group or world.
<P>
See CERT advisory CA-93:10 for information on setting up an anonymous
FTP server.
<PRE>
</PRE><HR>
<A NAME="ftp008w"><P><B>Code [ftp008w]</B><P>
The indicated file is owned by the 'ftp' account, but is not currently
writable. Since it is often possible to change the permissions through
ftp, it may still be possible to modify the file, possibly compromising
the system. The indicated file should be owned by 'root' and not writable
by group or world.
<P>
See CERT advisory CA-93:10 for information on setting up an anonymous
FTP server.
<PRE>
</PRE><HR>
<A NAME="ftp009w"><P><B>Code [ftp009w]</B><P>
The indicated file is not owned by root. This may allow unauthorized
access to the system. The owner of the file should be root and the
group and write permissions removed.
<P>
See CERT advisory CA-93:10 for information on setting up an anonymous
FTP server.
<PRE>
</PRE><HR>
<A NAME="ftp010f"><P><B>Code [ftp010f]</B><P>
The indicated file is writable by the 'ftp' account. This may allow
an intruder to gain unauthorized access. The group and write permissions
should be removed.
<P>
See CERT advisory CA-93:10 for information on setting up an anonymous
FTP server.
<PRE>
</PRE><HR>
<A NAME="ftp010w"><P><B>Code [ftp010w]</B><P>
The indicated file is writable by the 'ftp' account. This may allow
the system to be compromised. The group and write permissions should be
removed.
<P>
See CERT advisory CA-93:10 for information on setting up an anonymous
FTP server.
<PRE>
</PRE><HR>
<A NAME="ftp011w"><P><B>Code [ftp011w]</B><P>
The 'ftp' account appears to have a valid shell. A valid shell is not
required for the 'ftp' user and can be safely set to /bin/false,
/sbin/nologin, etc.
|