Doesn't wu-ftpd use the /home/ftp/etc/passwd file for this information, after doing a chroot during anonymous ftp? In which case, this is more of a configuration issue rather than a wu-ftpd issue? Because it depends on what you put in /home/ftp/etc/passwd. -- Brian Hayward http://www.slothmud.org/~hayward/mic_humor.html On Fri, 12 Nov 1999, Mnemonix wrote: >There's feature of the WU-FTP daemon (Version 2.4.2 tested as well as earlier versions) (http://www.academ.com/academ/wu-ftpd/) that allows a remote user to workout what flavour of UNIX the ftp server is running on. When using the cd (CWD) command to a user accounts home directory (cd ~user) the WU-FTPD will reveal the accounts physical path if the account is a built in standard account such as root or games or uucp etc. For non-standard accounts it calims not to know the user: > >ftp> cd ~mail >550 /var/spool/mail: No such file or directory. >ftp> cd ~games >550 /usr/games: No such file or directory. >ftp> cd ~root >550 /root: No such file or directory. >ftp> cd ~guest >550 Unknown user name after ~ >ftp> cd ~jsmith >550 Unknown user name after ~ >ftp> cd ~nobody >550 /dev/null: No such file or directory. > >Knowing what accounts exist on what flavour of UN*X allows a remote user to can then say with a high degree of certainty that they're dealing with a specific platform. > >Cheers, >David Litchfield >http://www.infowar.co.uk/mnemonix/ >Cerberus Information Security >+44(0)181 661 7405 > > > >
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 15:11:38 PDT