[NTLUG:Discuss] some Qs
MadHat
madhat at unspecific.com
Mon Jan 24 07:44:39 CST 2000
LoneStar wrote:
>
> I have a couple of things I can't seem to resolve. Any help would be
> greatly appreciated.
>
> Red Hat 6.1 on a 686i
> (Red Hat Support clains these are beyond their setup support guidelines)
>
> 1) I have a couple of real users (remote) on my system . When they log
> in with an FTP client, they get full run of my system. I've tried
> various chmod configurations and anything other than 755 or 701 will
> plavce then in the root dir and block net access to thier websites. Any
> ideas of how to keep them from CDUPing past their public_html or user
> dirs ?
There is a section of the FTPd man pages about setting up anonymous anbd
guest accounts. It tells how to set it up so they get chrooted into
their home directory (so they can't get anywhere else). I can tell you
some of the points, but I can't remember them all. You have to add them
to a group, I know guest will work, in the ftpaccess file, usually
located in /etc. There are a few things to look for, like make sure
that group can overwrite and delete, which they can't by default. Then
you make their home directory look like /home/user/./
There are a couple of other things to do, but I can't remember the
details.
man ftpaccess
man ftpd
both will help.
>
> 2) I am trying to setup my firewall to deny access to port 23. I used an
> exaple that came with the install, but when I activate the wall, it
> locks down the system entirely to the point I can't even check my email
> from my ISP. Any ideas of settings and/or a tutorial in laymen's terms?
Depends on how you have it set up. Wether or not it is a firewall for
another network, or if it is just a stand alone machine hooked up to the
internet. There are a lot of different options. I recomend looking at
http://www.linux-firewall-tools.com/linux/firewall/index.html
it will help you build your firewall rules. It can't do everything, and
it may not work at all depending on how you have your network set up...
also look at the usual HOWTOs and such... There is a Firewall HOWTO.
>
> LoneStar
>
> _______________________________________________
> http://ntlug.org/mailman/listinfo/discuss
--
MadHat
More information about the Discuss
mailing list