[comp.unix.wizards] FTP

bgregory@megatest.UUCP (Brian Gregory) (03/22/89)

When I see "ftp access at x.y.z,"  how many times I have thought,
"We  need  ARPANET  access!"  ...  A simple question: how does an
organization (in this case, my company) get on to "the net?"  How
much  does  it  cost?   Who  should  I contact?  Anybody have any
ideas?

Thanks in advance!

Brian Gregory           ...!ucbvax!sun!megatest!bgregory

ntm1169@dsacg1.UUCP (Mott Given) (04/15/89)

   How can you set up a script to do anonymous FTP at night, when the
   network traffic is lighter?


-- 
Mott Given @ Defense Logistics Agency ,DSAC-TMP, Bldg. 27-1, P.O. Box 1605,
	    Systems Automation Center, Columbus, OH 43216-5002
INTERNET:  mgiven%dsacg1.uucp@daitc.arpa              I speak for myself
Phone:       614-238-9431     AUTOVON: 850-9431

dente@s2.uucp (Colin Dente) (04/20/89)

In article <43200074@uicsrd.csrd.uiuc.edu> kai@uicsrd.csrd.uiuc.edu writes:
>
>> /* Written 12:16 pm  Apr 14, 1989 by ntm1169@dsacg1.UUCP in uicsrd.csrd.uiuc.edu:comp.unix.wizards */
>>
>>    How can you set up a script to do anonymous FTP at night, when the
>>    network traffic is lighter?
>
>It is possible to do this, but not too secure, since you have to put the
>password in a file.  It also has no capability for handling any random errors.
>
Surely it doesn't have to be *that* unsecure, as if you have a .netrc file
containing the line:
	machine machinename login myaccountname password mypassword
then you can get away with something like:
	#!/bin/sh
	# auto-login comes from the .netrc entry for machinename;
	# -i stops mget from prompting for each file
	ftp -i machinename << EOM
	cd comp.sources.unix/volume17/screen
	mget *
	bye
	EOM
	exit

(The point being that .netrc has a mode of 500 or something like that - but
then again, what's wrong with your original script being 700 - unless you can't
trust root - but then you might as well give up and go home (or give root the
sack)).
I know this works 'cos I regularly use something very similar for printing
files on one machine on another machine's printer (the machine with the printer
is an Apollo running the Aegis print server which doesn't allow remote spooling
... unless I've missed something, that is...)

However - and this is a rather major however - isn't the whole point of 
anonymous ftp (which is what the original article refers to) that you can
get things without the honour of having an account on the relevant machine
- so there is no security risk, as there is no password to hide - your script
becomes something like:

	.
	.
	.
	ftp -n << EOM
	open illustriousmachinefullofarchivesi'dlovetogetholdof
	user anonymous (or guest or whatever) anyoldcrapforapassword
	.
	.
	.

(Sorry about the vagueness about anonymous ftp - but being the wrong side
of 'the pond' I don't have much call for such things - my machine may well
have an official internet address - but I can't use it - moan moan grumble
grumble grumble....)

(Still true about the random errors though.......)
(oh, and it goes without saying? you use at to run it in the wee small hours..)

Colin



=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
| Colin Dente                      | JANET: dente%s2@uk.ac.man.cs.ux          |
| Dept. of Electrical Engineering  | ARPA:  dente%s2%man.cs.ux@ukacrl.BITNET  |
| University of Manchester         | UUCP:  ...!mcvax!ukc!man.cs.ux!s2!dente  |
| England                          |                                          |
|-----------------------------------------------------------------------------|
|   =======================================================================   |
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
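
The "random errors" gap raised in this exchange can be narrowed by running ftp verbosely and scanning the transcript for failure replies. The following is an added example, not code from any poster in the thread; the function names, the host `archive.example` and the sample transcript are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the thread): unattended anonymous ftp that notices errors.

# Read a verbose ftp transcript on stdin and print the lines that mean
# failure: 4xx/5xx server replies, or the client's "Not connected."
ftp_transcript_errors() {
    grep -E '^[45][0-9][0-9][ -]|^Not connected' || true
}

# Succeed only if the transcript has no failure lines and at least one
# "226" (transfer complete) reply.
ftp_transcript_ok() {
    transcript=$1
    errs=$(printf '%s\n' "$transcript" | ftp_transcript_errors)
    if [ -n "$errs" ]; then
        printf 'ftp failed:\n%s\n' "$errs" >&2; return 1
    fi
    printf '%s\n' "$transcript" | grep -q '^226[ -]' || {
        echo "ftp: no completed transfer seen" >&2; return 1; }
}

# fetch_anonymous HOST DIR PATTERN  (hypothetical helper name)
# -n: no auto-login, so no .netrc is consulted; -i: no mget prompting;
# -v: print server replies even though stdin is not a terminal.
fetch_anonymous() {
    out=$(ftp -n -i -v "$1" 2>&1 <<EOM
user anonymous ${USER:-nobody}@$(hostname)
binary
cd $2
mget $3
bye
EOM
    )
    ftp_transcript_ok "$out"
}

# Constructed transcript: the cd fails, so the job must be reported as failed.
sample='220 archive.example FTP server ready.
331 Guest login ok, send ident as password.
230 Guest login ok, access restrictions apply.
550 comp.sources.unix/volume17/scren: No such file or directory.
221 Goodbye.'
ftp_transcript_ok "$sample" || echo "job would be retried or mailed to the owner"
```

A job queued with at can call `fetch_anonymous` and act on its exit status instead of assuming the transfer worked.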

kai@uicsrd.csrd.uiuc.edu (04/21/89)

/* Written  8:58 am  Apr 20, 1989 by rsalz@bbn.com in uicsrd.csrd.uiuc.edu:comp.unix.wizards */
> You can save a few lines if you replace #!/bin/sh with "#! /usr/ucb/ftp -n"

This doesn't work.  When you use "#! /path" at the beginning of a script,
BSD Unix passes the name of the script to the program "/path" as a command
line argument, not connected to standard input.  Ftp doesn't support this.

Patrick Wolfe  (pat@kai.com,  kailand!pat)
System Manager, Kuck & Associates, Inc.

kai@uicsrd.csrd.uiuc.edu (04/24/89)

> /* Written 10:47 am  Apr 20, 1989 by dente@s2.uucp in uicsrd.csrd.uiuc.edu:comp.unix.wizards */
> Surely it doesn't have to be *that* unsecure, as if you have a .netrc file
> containing the line:
> machine machinename login myaccountname password mypassword

The .netrc file is a potentially *horrible* breach of security.  One of the
first rules taught about passwords is "never write them down".

You're right, there is probably very little to worry about security-wise when
using a script to anonymously FTP something.  I just wanted to point the
potential hazard out for people who might take this a step further and try to
write non-anonymous FTP scripts.

Patrick Wolfe  (pat@kai.com,  kailand!pat)
System Manager, Kuck & Associates, Inc.

dente@s2.uucp (Colin Dente) (04/27/89)

In article <43200079@uicsrd.csrd.uiuc.edu> kai@uicsrd.csrd.uiuc.edu writes:
>
>> /* Written 10:47 am  Apr 20, 1989 by dente@s2.uucp in uicsrd.csrd.uiuc.edu:comp.unix.wizards */
>> Surely it doesn't have to be *that* unsecure, as if you have a .netrc file
>> containing the line:
>> machine machinename login myaccountname password mypassword
>
>The .netrc file is a potentially *horrible* breach of security.  One of the
>first rules taught about passwords is "never write them down".
>
>You're right, there is probably very little to worry about security-wise when
>using a script to anonymously FTP something.  I just wanted to point the
>potential hazard out for people who might take this a step further and try to
>write non-anonymous FTP scripts.

Okay - I'm fairly new to this Unix sys-admin game, so enlighten me.  Just *how*
insecure is a file with mode 0X00? - providing (as I said before) you can trust
root (which I can - 'cos he's me!).  Just how easy is it for someone to crack
security easily enough to read such a file?

Colin


=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
| Colin Dente                      | JANET: dente@uk.ac.man.ee.els            |
| Dept. of Electrical Engineering  | ARPA:  dente@els.ee.man.ac.uk            |
| University of Manchester         | UUCP:  ...!mcvax!ukc!man.ee.els!dente    |
| England                          | NB. these will work as of 28/4/89        |
|-----------------------------------------------------------------------------|
|   Well I know how to behave in the restaurant now,                          |
|   I don't tear at the meat with my hands.       ....Well, not always....    |
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
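
The thread turns on whether a .netrc with mode 0X00 is acceptable for non-anonymous scripts. The following added example, which is not code from any poster, shows a pre-flight check a batch job can run before relying on the file: it refuses anything that is not a regular file owned by the caller with no group/other bits, and lists which entries hold a stored password without printing it. Function names and the sample file are constructed; macdef blocks are assumed absent.

```shell
#!/bin/sh
# Added example (not from the thread): vet a .netrc before a batch ftp job.

# Succeed only if $1 is a regular file owned by the caller whose mode is
# 0X00, i.e. no permission bits at all for group or others.
netrc_is_private() {
    f=$1
    if [ -L "$f" ] || [ ! -f "$f" ]; then
        echo "$f: not a regular file" >&2; return 1
    fi
    set -- $(ls -ldn -- "$f")       # $1 = mode string, $3 = numeric owner
    if [ "$3" != "$(id -u)" ]; then
        echo "$f: owned by uid $3, not by the caller" >&2; return 1
    fi
    case $1 in
        -???------*) return 0 ;;    # e.g. -rw------- or -r-x------
        *) echo "$f: mode $1 is open to group or others" >&2; return 1 ;;
    esac
}

# Print each entry that stores a password, never the password itself.
# Assumes no macdef blocks; tokens may be split across lines.
netrc_password_entries() {
    tr -s ' \t' '\n\n' < "$1" | awk '
        want == "name"   { cur = $0; want = ""; next }
        want == "skip"   { want = ""; next }
        $0 == "machine"  { want = "name"; next }
        $0 == "default"  { cur = "default"; next }
        $0 == "password" { print cur; want = "skip"; next }
        $0 == "login" || $0 == "account" { want = "skip"; next }'
}

# Constructed sample: one real-account entry and one anonymous entry.
demo_dir=$(mktemp -d)
sample=$demo_dir/netrc
printf '%s\n' 'machine machinename login myaccountname' \
              '    password mypassword' \
              'machine archive.example login anonymous' > "$sample"
chmod 644 "$sample"
netrc_is_private "$sample" || echo "refusing to use $sample"
chmod 600 "$sample"
netrc_is_private "$sample" && echo "stores passwords for:" \
    && netrc_password_entries "$sample"
rm -rf "$demo_dir"
```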