Re: vsftpd



Hi Mark

Mark Hobley a écrit :

Run the timed restricted service on the normal port, and have a second service
on a different port number that recognizes only your login that runs 24/7.


It's a good idea. But while I was talking with Allen, I found that I forgot to consider the good ones, the ones who only make small xfers during the day. These I don't want to flush them.

So it raises the difficulty a bit higher and that's why I proposed a http transfer page. That way, only a little php programming and I will reject all transfers that would take too long to complete.

I can catch the IP along with the loggin to decide if I accept or reject the connection thus identifying a loggin sharing. Then, evaluate the transfer size to accept the transfer during the day.

Public key, as said Allen, are a good protection but also it's easy to tick the pwds so they don't last longer then a month. That way it shoud discourage a lot of non-authorized loggers. At least I think. But I'm not a pro in server administration.
.