[CentOS] VSFTPD accepting same user/session from different IP addresses
Kai Schaetzl
maillists at conactive.com
Mon Mar 22 15:31:18 UTC 2010
Dirk H. Schulz wrote on Mon, 22 Mar 2010 15:41:55 +0100:
> makes me think that the same session with the same commands is
> "delivered" via 2 outgoing gateways, because it would be very
> complicated to have two ftp clients issue the same command in the same
> second. Know what I mean?
No, I don't know. This is *one* client and I bet it's the dreaded
Filezilla. It opens multiple parallel connections if you don't configure
it correctly. And then it's just a matter of how your internet connection
and gateway is setup. This is a big institution with a big IP range
(whois.ripe.net). It's not your usual type of connection, but it's nothing
wrong with it.
>
> By the way, vsftpd seems not to handle this situation securely, so I
> want to prevent any occurance of it.
Again, what's the security problem here?
Kai
--
Get your web at Conactive Internet Services: http://www.conactive.com
More information about the CentOS
mailing list