Buy
Schedule a Demo
Blog
Contact Us
HOSTING CONTROLLER
CLOUD AUTOMATION PLATFORM
Products
Solutions
Downloads
Support
Resources
About HC
Join us now!
Log in
/
Username
Password
Verification
Stay logged in
Login
Forgot Your Password?
Forgot your Username?
Haven't received registration validation E-mail?
User Control Panel
Log out
Forums
Posts
Latest Posts
Active Posts
Recently Visited
Search Results
View More
Blog
Recent Blog Posts
View More
Photos
Recent Photos
My Favorites
View More
Photo Galleries
PMs
Unread PMs
Inbox
Send New PM
View More
Page Extras
Menu
Forum Themes
Elegant
Progressive
Home
»
[Website Hosting Module]
»
Technical Discussion
»
Annonomous FTP HACK
Mark Thread Unread
Flat Reading Mode
❐
Locked
Annonomous FTP HACK
Author
Post
Essentials Only
Full Version
online
Member
2006/01/17 05:03:15
(
permalink
)
Annonomous FTP HACK
Your system is allowing access to my machines via Annonomous FTP. This is allowing HACKERS to get in and use my system as a dumping ground. This is URGENT we need to fix this immediately. I see several other posts about this.
#1
7 Replies
Related Threads
HC Team
Hosting Controller
RE: Annonomous FTP HACK
2006/01/17 09:34:40
(
permalink
)
We don¬t enable Anonymous FTP. You must have done something yourself. Please disable Anonymous Access from Default FTP Site in IIS and make sure you have sound security measures on your machine.
#2
Steve@VSK
Starting Member
RE: Annonomous FTP HACK
2006/01/18 05:04:43
(
permalink
)
HC by itself allows the creation of anonymous FTP access, that¬s what he means I think...
By the way, I can verify this ¬vulnerability¬...
Mate just ban the anonymous account from your FTP, hoping your FTP server has such a feature.
But I do believe that the fact that HC allows the creation of anonymous account is bad....
#3
HC Team
Hosting Controller
RE: Annonomous FTP HACK
2006/01/18 12:39:38
(
permalink
)
I am afraid I don¬t consider this is a vulnerbility. If you have allowed Anonymous FTP Access under Security Accounts tab for Default FTP Site then on every new FTP user created by HC may have anonymous access due to inheritance feature of IIS.
#4
Steve@VSK
Starting Member
RE: Annonomous FTP HACK
2006/01/20 08:31:56
(
permalink
)
I dunno about MS FTP, but it happens in Serv-U, even with the anonymous access disabled in Serv-u manager....
#5
HC Team
Hosting Controller
RE: Annonomous FTP HACK
2006/01/20 14:24:47
(
permalink
)
When you access any FTP created by HC, Does it prompt user name and password?
#6
Steve@VSK
Starting Member
RE: Annonomous FTP HACK
2006/01/21 05:32:28
(
permalink
)
What do you mean? When you create an account?
Yes it does offer to enter a username and a password, but what if you just put ¬Anonymous¬ as username, and nothing as the password, HC will take it and add the user....
#7
boonchuan
Senior Member
RE: Annonomous FTP HACK
2006/01/24 05:03:15
(
permalink
)
Just curious , what FTP server software are you using? MS FTP? If it is MS FTP, check your IIS FTP setting, remove the anonymous access, that shd solve it.
#8
Jump to
:
Jump to
- - - - - - - - - -
[Website Hosting Module]
- - - - Installation & Configuration / Upgrades / Product Licensing
- - - - Linux Control Panel
- - - - Hosting Controller Value Added Utilities
- - - - Technical Discussion
- - - - Web Hosting Providers
[HC Enterprise Modules]
- - - - Hosting Controller Developer Network
- - - - HC Enterprise Module On-Premises
- - - - HC Virtualization Module
- - - - HC Cloud Services
[Miscellaneous]
- - - - Announcements
- - - - Feedback & Suggestions