# A way to investigate ftp server configuration on FreeBSD 6.2



## The_Immortal (Jun 24, 2022)

Hi there!

Dear Sirs,

I'm totally new at FreeBSD but unfortuntaly my current job is concerning to old FreeBSD. I got FreeBSD 6.2-RELEASE-p3 installed and there is no way to update it.

The current problem is the server has open ftp-connection without any login just by IP accessing of this server.
I was looking for tutorials and everyone says that ftp configuration can be found in _/ect/ftpchroot_ file but I don't have such file. I have only _/etc/ftpusers_ that shows restricted users.

Could someone who involved with FreeBSD form its start help me how to find out how can I configure ftp server of FreeBSD 6.2 please?

Thank you very much!


----------



## zirias@ (Jun 24, 2022)

The_Immortal said:


> I'm totally new at FreeBSD but unfortuntaly my current job is concerning to old FreeBSD. I got FreeBSD 6.2-RELEASE-p3 installed and there is no way to update it.


Oh... while this _might_ be problematic: if it isn't possible to upgrade, it must be replaced ASAP.



The_Immortal said:


> The current problem is the server has open ftp-connection without any login just by IP accessing of this server.


You have a _lot_ more problems than that for sure. Tell your boss this machine must be replaced. In case of refusal, contact your CISO. If there isn't one or this doesn't help, better look out for another job, for your own mental health...


----------



## mer (Jun 24, 2022)

Sounds like an old style "anonymous ftp" configuration.

Other than the obligatory "FreeBSD-6.2-RELEASE has been EOL'd for more than a little bit", you could start here:



			File Transfer Protocol (FTP)


----------



## getopt (Jun 24, 2022)

Topics about unsupported FreeBSD versions
					

The FreeBSD Forums cater primarily to end-users and systems administrators. As such, the Forums focus almost exclusively on FreeBSD versions that are officially supported according to the official FreeBSD website. Since resources are scarce, the FreeBSD Forums strongly suggest that anyone asking...




					forums.freebsd.org


----------



## kpedersen (Jun 24, 2022)

On an old install like that I suggest:

Disabling ftp entirely (ports ranges are too hard to lock down)
Compile up a recent HTTP server (using a recent encryption library outside of your aging packages)
Use HTTP to share the software that the old FTP was serving
If used, replace SSH with a newer version
Block every port in the firewall apart from HTTP (port 80) and SSH (22)

After that, you should be pretty safe for a while. So spend this time writing a business case to get it replaced in the next year.


----------



## im (Jun 24, 2022)

First of all you should discover which ftp-server is running (ftpd, proftpd, vsftpd, etc).
Inspect /etc/rc.conf for all lines which are containing 'ftp' and public the name of your ftp-server here.
Another way is to run `sockstat | less` and search for the name of service (2nd column) who is listens tcp4 port 21 (6th column)
We can help you after you specify the name of your ftp server.

The files that you are specified are related only to internal FreeBSD's ftpd which usually runs via inetd.

Слава Україні!


----------



## Deleted member 70435 (Jun 24, 2022)

Zirias said:


> better look out for another job, for your own mental health...


Seems like a good option for him.


----------



## getopt (Jun 24, 2022)

Vadim Alexandrov said:


> Seems like a good option for him.


Good options are, if you are free to choose from.


----------

