Dirk H. Schulz
2010-Mar-22 12:41 UTC
[CentOS] VSFTPD accepting same user/session from different IP addresses
Hi folks, I have found the following in my logs: Wed Mar 10 15:52:33 2010 [pid 15232] [uploaduser] OK MKDIR: Client "195.200.70.*40*", "/04 LV gelieferte Daten 04_2010/04 LV Seiten/Jungz?chter" Wed Mar 10 15:52:33 2010 [pid 15231] [uploaduser] FAIL MKDIR: Client "195.200.70.*41*", "/04 LV gelieferte Daten 04_2010/04 LV Seiten/Jungz?chter" Wed Mar 10 15:52:36 2010 [pid 15232] [uploaduser] OK UPLOAD: Client "195.200.70.*40*", "/04 LV gelieferte Daten 04_2010/04 LV Seiten/Jungz?chter/Kooperationsseminar.doc", 23552 bytes, 13.89Kbyte/sec Wed Mar 10 15:52:37 2010 [pid 15231] [uploaduser] OK UPLOAD: Client "195.200.70.*41*", "/04 LV gelieferte Daten 04_2010/04 LV Seiten/Jungz?chter/Veranstaltungen der Jungz?chter im Jahr 2010.doc", 23552 bytes, 9.07Kbyte/sec Wed Mar 10 15:52:38 2010 [pid 15232] [uploaduser] OK UPLOAD: Client "195.200.70.*40*", "/04 LV gelieferte Daten 04_2010/04 LV Seiten/Jungz?chter/Foto Kooperationsseminar von laura weber.JPG", 13445 bytes, 9.90Kbyte/sec What I am concerned about is the fact that the client sends out using various gateways at once. Is there some configuration item in VSFTPD which can prevent this and reject packets from the additional ip addresses? Any hint or help is appreciated. Dirk -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.centos.org/pipermail/centos/attachments/20100322/b4284b68/attachment-0002.html>
Kai Schaetzl
2010-Mar-22 14:31 UTC
[CentOS] VSFTPD accepting same user/session from different IP addresses
Dirk H. Schulz wrote on Mon, 22 Mar 2010 13:41:50 +0100:> What I am concerned about is the fact that the client sends out using > various gateways at once. Is there some configuration item in VSFTPD > which can prevent this and reject packets from the additional ip addresses?Note, this is not the same session, it's a different connect with the same user credentials. I don't see a problem with this. It's not a security problem and it's hardly a load problem. Users usually don't have more than one IP at their disposal at the same time. This is one of the few cases where this is different. AFAIK, there is no option to allow only x logins per user, only x logins per IP. You could go to the vsftpd mailing list (if there is one) and ask about this additional feature. Kai -- Get your web at Conactive Internet Services: http://www.conactive.com
Maybe Matching Threads
- Reisegutschein - Angebot der Woche
- Reisegutschein - Angebot der Woche
- Neues über die deutsche Übersetzung der Samba-3-Dokumentation -- News for the german translation of the Samba-3-docs
- Trying to establish a unidirectional Trust between windows 2003 and samba 3
- Ubuntu und R