[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: anon ftp/mail



Jon writes:

> > Find someone who can give you a temp account that you can download 
> > from... ...something that will be erased. The only other way would be to 
> > hack out a copy of ftp to send false information
> 
>    Spoofing your DNS info, while certainly possible [ and this is 
> assuming lame admins, no identd, no tcpwrapper, etc. ] is probably not 
> the easiest way to go about it.  I have to believe that none of the 
> common ftpd's are brain-dead enough to trust nameservers extensively.

Some of them do, some of them don't, at least for anon-ftp.  I have accounts
behind two different kinds of firewalls - the accounts behind router-based
firewalls have difficulty with the FTP servers that authenticate using
RFC931 or DNS, since the firewall blocks them, while the accounts behind
the AT&T Firewall (ref. Cheswick and Bellovin) need to use proxy ftp clients,
but don't have trouble accessing the servers, which think (incorrectly)
that the requests are coming from the outside part of the firewall.

	Bill