On 12/14/2016 03:07 PM, John Newman wrote:
> Naught to do with Debian, but goddam I'm sick of seeing IPs from all over the world logging into our one anon ftp server and recursively trying to upload Photo.scr over and over, until the little monitor script catches and blocks it.
> The file is of course actually a Windows executable, not a ".scr" file...

First, why the hell are you running an anonymous FTP server in 2016?! FTP needs to die... it was designed in an era where it was acceptable to send passwords across the internet in plain text. That era is long gone. HTTP (really HTTPS now) for downloads, and SFTP/SCP for the use cases where HTTP(S) won't really fit.

Second, if I remember right, .scr *is* a type of Windows executable (originally used for screensavers). Thank Microsoft for that one... most people wouldn't recognize .scr the way they would, say, .exe, .dll, and the like.

This is why I like the Unix method a lot better: if you want to run something, you either have to feed it to something like bash or python on the command line, or give it execute permissions. Of course, the flip side of this is that mounting stuff over SMB has the executable bit set on everything, even stuff for which an execute action would not make any sense... which kind of shoots down this rudimentary security mechanism. (Again, blame Microsoft, who clearly thinks the existence of an execute permission bit is redundant.)

Not much I haven't said before, though: <http://www.rantroulette.com/tag/microsoft>

-- 
Shawn K. Quinn <skquinn@rushpost.com>
http://www.rantroulette.com
http://www.skqrecordquest.com
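
The point about .scr above, as an added example that is not part of the original thread or of the monitor script it mentions: an upload check that decides by PE headers instead of by file name. The function names and the header-only sample file are assumptions constructed for illustration.

```python
import struct

IMAGE_FILE_EXECUTABLE_IMAGE = 0x0002  # COFF Characteristics flags,
IMAGE_FILE_DLL = 0x2000               # from the PE/COFF specification


def pe_kind(data: bytes):
    """Return 'exe', 'dll' or None depending on the PE headers in data."""
    # A PE image starts with a 64-byte DOS header whose magic is "MZ".
    if len(data) < 0x40 or data[:2] != b"MZ":
        return None
    # e_lfanew at offset 0x3C points to the "PE\0\0" signature.
    (e_lfanew,) = struct.unpack_from("<I", data, 0x3C)
    # Signature (4 bytes) plus COFF file header (20 bytes) must fit.
    if e_lfanew + 24 > len(data) or data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        return None
    # Characteristics is the last 2-byte field of the COFF header.
    (characteristics,) = struct.unpack_from("<H", data, e_lfanew + 22)
    return "dll" if characteristics & IMAGE_FILE_DLL else "exe"


def check_upload(filename: str, data: bytes):
    """Return a block reason if the content is a PE image, else None."""
    kind = pe_kind(data)
    if kind is None:
        return None
    return f"{filename}: PE {kind} by content, extension ignored"


def make_sample_pe(characteristics: int) -> bytes:
    """Constructed header-only sample: DOS header, PE signature, COFF header."""
    dos = bytearray(0x40)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 0x40)  # PE header follows directly
    coff = struct.pack("<HHIIIHH", 0x014C, 0, 0, 0, 0, 0, characteristics)
    return bytes(dos) + b"PE\0\0" + coff


if __name__ == "__main__":
    sample = make_sample_pe(IMAGE_FILE_EXECUTABLE_IMAGE)
    # The same bytes are flagged under either name.
    for name in ("Photo.scr", "Photo.jpg"):
        print(check_upload(name, sample))
    print(check_upload("notes.txt", b"plain text, not a PE image"))
```
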