| Author |
Message |
admin
Admin
|
# Posted: 6 Aug 2007 04:48 - Edited by: admin
Reply
Thread ni aku buka semata2 nak rekodkan security step yg telah diambil ke atas noGuiX semasa dalam proses pembikinannya atau pun semasa proses penggunaan.
noGuiX Security Test
1)Root password
2)ssh port / allowed user / brute force
3)Minimize service
|
admin
Admin
|
# Posted: 18 Aug 2007 12:17 - Edited by: admin
Reply
vsftpd 2.04
- By default installation, anonymous ftp login & upload tidak dibenarkan.
- By default vsftpd run standalone mode
vsftpd - Browser
Untuk run vsftpd supaya visitor boleh mendownload fail melalui browser (IE, firefox), sila copy paste vsftpd.conf di bawah dan masukkan ke /etc/vsftpd.conf
nopriv_user=ftp
write_enable=NO
local_enable=YES
chroot_local_user=YES
dirmessage_enable=YES
xferlog_enable=YES
connect_from_port_20=NO
anonymous_enable=YES
anon_umask=022
anon_upload_enable=NO
anon_mkdir_write_enable=NO
anon_other_write_enable=NO
anon_root=/var/ftp
no_anon_password=YES
vsftpd - Console
Testing
root@noGuiX:~$ ftp localhost
Connected to localhost.
220 (vsFTPd 2.0.4)
Name (localhost:admin): anonymous
230 Login successful.
Remote system type is UNIX.
Using binary mode to transfer files.
ftp> ls
200 PORT command successful. Consider using PASV.
150 Here comes the directory listing.
drwxr-xr-x 2 0 0 4096 Aug 18 11:50 admin
drwxr-xr-x 2 0 0 4096 Aug 18 11:47 library
drwxr-xr-x 2 0 0 4096 Aug 18 11:49 media
drwxr-xr-x 2 0 0 4096 Aug 18 11:50 network
drwxr-xr-x 2 0 0 4096 Aug 18 11:47 office
drwxr-xr-x 2 0 0 4096 Aug 18 11:48 system
226 Directory send OK.
ftp> bye
221 Goodbye.
|
admin
Admin
|
# Posted: 30 Aug 2007 03:44
Reply
Testing nmap -sT -O localhost
atleast, no server found running by default.
|
