On Sunday 27 April 2003 03:02, Mike wrote:
I've recently been working on getting an ftp site up. It's mostly a learning experience, but I was checking the logs today, and had a rather amusing anonymous login. The person tried to get to several different directories that didn't exist on my system such as /incoming, /anonymous/incoming, /_vti_cnf, /home /ftproot, /wwwroot and so on. Most look like windows http directories. Total time on the system was about 20 seconds or so. Was this someone trying to hack/upload via a script?
TIA Mike
This was most likely an automated script or binary. You are right; these are the default directories for a windows machine. I'd lock down the ftp if you are worried about it. Don't use anonymous capabilities of the ftp daemon. However, i wouldn't worry to much about them "hacking" you. Obviously, this person isn't too knowledgable trying to exploit a *NIX node using Windows specific directories. ;) -- Thomas Jones Linux-Howtos Administrator