[unisog] Size Limit on E-Mail Attachments
ritter at its.msstate.edu
Mon Nov 5 15:57:18 GMT 2001
On Mon, 5 Nov 2001, Sheila Hollenbaugh wrote:
> Needless to say, we no longer allow any kind of write access via
> anonymous ftp, though we do allow our people to put up files for
> download. If we create an area for collaborative work which requires
> uploads, it always has a login and password. As a side note, we
> regularly see scans for anonymous ftp access, and assume that the
> scans may just be looking for writeable areas on sites which allow
> anonymous ftp.
The wu-archive or some other enhanced FTP server is the only way to
go. The setup I did for collaboration used two different directories.
One only allowed upload, with directory permissions set such that you
could not even do a directory listing.
The download section only allowed download, and users could have a private
directory that did not allow directory listings if they wanted something
to be private. Add some file timeout scripts for cleanup and you had
very good setup with anon. ftp for most collaboration. Certainly some
collaborative work needed real logins/password but the vast majority were
well suited to the above.
Sometimes files would just appear in incoming directories, but since they
could not download them we never had issues with providing illegal
software services to the web. The cleanup scripts were chatty and let
researchers know within 24 hrs of incoming activity and warned before
removal. Logs also show that external scripts were trolling for anything
in the outgoing directories all the time as well as looking for place
to stash stuff.
Finally, anytime you put out world writeable directories you are
vulnerable to denial of service either intentional or accidental. That
is about the only downside I see to how it works...
More information about the unisog