LINUX.ORG.RU
ФорумSecurity

Proftpd exploit


0

0

Недавно (6-го числа вроде) был поднят вопрос об уязвимости в proftpd. До сих пор вопрос так и не ясен - была ли уязвимость, либо не было её. если и была, то стоит ли опасаться за сервера ? или это был шаг по зарабатыванию денег. Кто что думает ?

anonymous
DoS and SendMail: please help..
какой безопасней

вот, кстати, обнаружил сегодня в логах proftpd следующее:

ACB0EE14.ipt.aol.com UNKNOWN nobody [21/Nov/2006:20:57:24 +0300] "USER anonymous" 331 -
ACB0EE14.ipt.aol.com UNKNOWN ftp [21/Nov/2006:17:57:24 +0000] "PASS flashfxp-user@flashfxp.com" 230 -
ACB0EE14.ipt.aol.com UNKNOWN ftp [21/Nov/2006:17:57:24 +0000] "SYST" 215 -
ACB0EE14.ipt.aol.com UNKNOWN ftp [21/Nov/2006:17:57:24 +0000] "FEAT" 211 -
ACB0EE14.ipt.aol.com UNKNOWN ftp [21/Nov/2006:17:57:24 +0000] "PWD" 257 -
ACB0EE14.ipt.aol.com UNKNOWN ftp [21/Nov/2006:17:57:25 +0000] "TYPE A" 200 -
ACB0EE14.ipt.aol.com UNKNOWN ftp [21/Nov/2006:17:57:25 +0000] "PASV" 227 -
ACB0EE14.ipt.aol.com UNKNOWN ftp [21/Nov/2006:17:57:25 +0000] "LIST -al" 226 365
ACB0EE14.ipt.aol.com UNKNOWN ftp [21/Nov/2006:17:57:26 +0000] "CWD incoming" 250 -
ACB0EE14.ipt.aol.com UNKNOWN ftp [21/Nov/2006:17:57:26 +0000] "PWD" 257 -
ACB0EE14.ipt.aol.com UNKNOWN ftp [21/Nov/2006:17:57:26 +0000] "PASV" 227 -
ACB0EE14.ipt.aol.com UNKNOWN ftp [21/Nov/2006:17:57:27 +0000] "LIST -al" 226 115
ACB0EE14.ipt.aol.com UNKNOWN ftp [21/Nov/2006:17:57:30 +0000] "MKD a" 257 -
ACB0EE14.ipt.aol.com UNKNOWN ftp [21/Nov/2006:17:57:30 +0000] "PWD" 257 -
ACB0EE14.ipt.aol.com UNKNOWN ftp [21/Nov/2006:17:57:30 +0000] "PASV" 227 -
ACB0EE14.ipt.aol.com UNKNOWN ftp [21/Nov/2006:17:57:31 +0000] "LIST -al" 226 172
ACB0EE14.ipt.aol.com UNKNOWN ftp [21/Nov/2006:17:57:33 +0000] "CWD /incoming/a" 250 -
ACB0EE14.ipt.aol.com UNKNOWN ftp [21/Nov/2006:17:57:33 +0000] "PWD" 257 -
ACB0EE14.ipt.aol.com UNKNOWN ftp [21/Nov/2006:17:57:33 +0000] "PASV" 227 -
ACB0EE14.ipt.aol.com UNKNOWN ftp [21/Nov/2006:17:57:33 +0000] "LIST -al" 226 115
ACB0EE14.ipt.aol.com UNKNOWN ftp [21/Nov/2006:17:57:33 +0000] "CWD /incoming" 250 -
ACB0EE14.ipt.aol.com UNKNOWN ftp [21/Nov/2006:17:57:33 +0000] "PWD" 257 -
ACB0EE14.ipt.aol.com UNKNOWN ftp [21/Nov/2006:17:57:33 +0000] "RMD /incoming/a" 250 -
ACB0EE14.ipt.aol.com UNKNOWN ftp [21/Nov/2006:17:57:34 +0000] "PASV" 227 -
ACB0EE14.ipt.aol.com UNKNOWN ftp [21/Nov/2006:17:57:34 +0000] "LIST -al" 226 115
ACB0EE14.ipt.aol.com UNKNOWN ftp [21/Nov/2006:17:57:36 +0000] "CWD /incoming/ " 550 -
ACB0EE14.ipt.aol.com UNKNOWN ftp [21/Nov/2006:17:57:39 +0000] "MKD /" 257 -
ACB0EE14.ipt.aol.com UNKNOWN ftp [21/Nov/2006:17:57:39 +0000] "PWD" 257 -
ACB0EE14.ipt.aol.com UNKNOWN ftp [21/Nov/2006:17:57:39 +0000] "PASV" 227 -
ACB0EE14.ipt.aol.com UNKNOWN ftp [21/Nov/2006:17:57:39 +0000] "LIST -al" 226 172
ACB0EE14.ipt.aol.com UNKNOWN ftp [21/Nov/2006:17:57:47 +0000] "CWD /incoming/ " 250 -
ACB0EE14.ipt.aol.com UNKNOWN ftp [21/Nov/2006:17:57:47 +0000] "PWD" 257 -
ACB0EE14.ipt.aol.com UNKNOWN ftp [21/Nov/2006:17:57:47 +0000] "PASV" 227 -
ACB0EE14.ipt.aol.com UNKNOWN ftp [21/Nov/2006:17:57:48 +0000] "LIST -al" 226 115
ACB0EE14.ipt.aol.com UNKNOWN ftp [21/Nov/2006:17:57:49 +0000] "MKD 377SiMLe" 257 -
ACB0EE14.ipt.aol.com UNKNOWN ftp [21/Nov/2006:17:57:49 +0000] "PWD" 257 -
ACB0EE14.ipt.aol.com UNKNOWN ftp [21/Nov/2006:17:57:50 +0000] "PASV" 227 -
ACB0EE14.ipt.aol.com UNKNOWN ftp [21/Nov/2006:17:57:50 +0000] "LIST -al" 226 177
ACB0EE14.ipt.aol.com UNKNOWN ftp [21/Nov/2006:17:58:02 +0000] "MKD / /377simle/T@gged__4" 550 -
ACB0EE14.ipt.aol.com UNKNOWN ftp [21/Nov/2006:17:58:32 +0000] "MKD Tagged" 257 -
ACB0EE14.ipt.aol.com UNKNOWN ftp [21/Nov/2006:17:58:32 +0000] "PWD" 257 -
ACB0EE14.ipt.aol.com UNKNOWN ftp [21/Nov/2006:17:58:32 +0000] "PASV" 227 -
ACB0EE14.ipt.aol.com UNKNOWN ftp [21/Nov/2006:17:58:33 +0000] "LIST -al" 226 244
ACB0EE14.ipt.aol.com UNKNOWN ftp [21/Nov/2006:17:58:37 +0000] "CWD /incoming/ / Tagged" 250 -
ACB0EE14.ipt.aol.com UNKNOWN ftp [21/Nov/2006:17:58:37 +0000] "PWD" 257 -
ACB0EE14.ipt.aol.com UNKNOWN ftp [21/Nov/2006:17:58:37 +0000] "PASV" 227 -
ACB0EE14.ipt.aol.com UNKNOWN ftp [21/Nov/2006:17:58:38 +0000] "LIST -al" 226 115
ACB0EE14.ipt.aol.com UNKNOWN ftp [21/Nov/2006:17:58:55 +0000] "MKD /incoming/ / Tagged/ 4FreeT0wn" 257 -
ACB0EE14.ipt.aol.com UNKNOWN ftp [21/Nov/2006:17:58:55 +0000] "PWD" 257 -
ACB0EE14.ipt.aol.com UNKNOWN ftp [21/Nov/2006:17:58:55 +0000] "PASV" 227 -
ACB0EE14.ipt.aol.com UNKNOWN ftp [21/Nov/2006:17:58:55 +0000] "LIST -al" 226 195
ACB0EE14.ipt.aol.com UNKNOWN ftp [21/Nov/2006:17:58:57 +0000] "CWD /incoming/ / Tagged/ 4FreeT0wn" 250 -
ACB0EE14.ipt.aol.com UNKNOWN ftp [21/Nov/2006:17:58:57 +0000] "PWD" 257 -
ACB0EE14.ipt.aol.com UNKNOWN ftp [21/Nov/2006:17:58:57 +0000] "PASV" 227 -
ACB0EE14.ipt.aol.com UNKNOWN ftp [21/Nov/2006:17:58:57 +0000] "LIST -al" 226 115
ACB0EE14.ipt.aol.com UNKNOWN ftp [21/Nov/2006:17:59:12 +0000] "QUIT" 221 -

Попытка взлома? chkrootkit ничего не нашел.

elenath
()
Ответ на: комментарий от elenath

это не взлом, это хуже - flashfxp :)

долбицца зачем-то

theserg ★★★
()
Ответ на: комментарий от elenath

Это кул-хацкоры хотели у тебя варезопомойку сделать.

Deleted
()
Ответ на: комментарий от anonymous

читайте новости - эксплоит выпущен

anonymous
()
Вы не можете добавлять комментарии в эту тему. Тема перемещена в архив.
DoS and SendMail: please help..
Security
какой безопасней