* Kalle Hasselstr?m ([EMAIL PROTECTED]) spake thusly:
...
> Two more questions popped up, regarding inetd. bsd-ftpd is started by
> inted on incoming calls. How can I
>
> a) Temporarily disable ftp? I thought it would be a good idea to do
> this when it's not being used, to be on the safe side. I won't be
> using it much at all, not even once a week.
IIRC xinetd allows you to set date/time based access controls.
You could do more with a wrapper around in.ftpd, if you can
write a wrapper like that. You could go as far as write a wrapper
that needs a specific packet -- if it receives that, it spawns
ftpd, otherwise it drops the connection ("knock first", often used
by trojans). Or you could run ftpd standalone, ssh to the box and
do "/etc/init.d/ftpd start" before ftp'ing.
> b) Change the port? The default port for ftp is 21, but I'd like it to
> use 12345 or something instead. This is just to confuse people,
> especially my ISP who with a rather sweeping statement disallows
> "servers". They just want to keep the traffic volume down, and I won't
> be generating overly much traffic, but nevertheless I thought it might
> be prudent to assume that they check for requests on ports 21 and 80.
Would
"12345 stream tcp nowait root /usr/sbin/tcpd /usr/sbin/in.ftpd -q"
work? Also, you can tell standalone server what port to listen to,
e.g. "Port 12345" for ProFTPD.
Dima
--
E-mail dmaziuk at bmrb dot wisc dot edu (@work) or at crosswinds dot net (@home)
http://www.bmrb.wisc.edu/descript/gpgkey.dmaziuk.ascii -- GnuPG 1.0.4 public key
Q276304 - Error Message: Your Password Must Be at Least 18770 Characters
and Cannot Repeat Any of Your Previous 30689 Passwords -- RISKS 21.37
