Tutorial - writable FTP home directory
Writable FTP home directory
Summary
FTP home directory is writable for anonymous users.
Impact
Remote command execution, remote file substitution.
The problem
When the FTP home directory of a UNIX host is writable, a remote
intruder can upload a .rhosts or .forward file to
gain access to the system, or may be able to replace files.
When a PC (DOS or MAC) permits anonymous users write access to its file
system, a remote intruder may be able to replace arbitrary programs or
configuration files, or corrupt the file system by filling it up.
Unfortunately, some printers use a writable ftp directory for printing
operations. These are usually not vulnerable to attacks other
than denial of service. SARA drops references to writable directories
for Jet Direct printers.
Fix (UNIX)
- Make sure that the FTP home directory, and all system files and directories below it, are owned by root.
- Make sure that they are not writable by anonymous users. As a rule, no file or directory should be owned by the FTP account.
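As an added example (not part of the SARA tutorial), a POSIX shell audit that applies the two UNIX rules above to a directory tree. The expected-owner argument and the constructed sample tree are assumptions for demonstration; on a real server you would run it against the FTP home directory with the default owner root.

```shell
#!/bin/sh
# Audit an FTP home directory against the two UNIX rules above:
#   1. every file and directory is owned by OWNER (default root), so
#      nothing is owned by the FTP account;
#   2. nothing is writable by group or others (i.e. by anonymous users).
# Prints one "TAG path" line per finding; returns 0 when clean, 1 otherwise.
audit_ftp_home() {
    dir=$1
    owner=${2:-root}   # assumption: expected owner is a parameter so the demo can run unprivileged
    report=$(
        # Rule 1: anything not owned by the expected owner.
        find "$dir" ! -user "$owner" -print | sed 's/^/WRONG_OWNER /'
        # Rule 2: group- or world-writable entries (the classic writable "incoming" dir).
        find "$dir" \( -perm -g+w -o -perm -o+w \) -print | sed 's/^/WRITABLE /'
    )
    if [ -z "$report" ]; then
        return 0
    fi
    printf '%s\n' "$report"
    return 1
}

# Constructed sample tree (an assumption, not a real server layout):
# a read-only pub/ area plus a world-writable incoming/ directory.
make_demo_tree() {
    tree=$(mktemp -d)
    mkdir "$tree/pub" "$tree/incoming"
    echo "welcome" > "$tree/pub/README"
    chmod 755 "$tree/pub"
    chmod 644 "$tree/pub/README"
    chmod 777 "$tree/incoming"   # the misconfiguration the tutorial describes
    printf '%s\n' "$tree"
}

# Demo: audit the sample tree as the current user (on a real server: root).
demo_dir=$(make_demo_tree)
if audit_ftp_home "$demo_dir" "$(id -un)"; then
    echo "clean"
else
    echo "fix the entries listed above, then re-run"
fi
rm -rf "$demo_dir"
```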
Fix (Windows)
Do not have any writable directories in the anonymous directory tree.
Hackers have been using writable directories to store copyrighted and
pornographic materials.
Other tips (UNIX)