rg@msel.unh.edu (Roger Gonzalez) (03/05/91)
Is there an easy way to get the name associated with an address? I usually use nslookup, and set querytype to ptr. So, yesterday, for example, when I was trying to figure out who was snooping around one of my machines, I took their address (129.55.20.2) and did nslookup set q=ptr 2.20.55.129.in-addr.arpa And it told me it was a bad domain. This -usually- works for me. The other ways I get info on an address is by 1) telnetting to it (gives short name) 2) telnetting to the SMTP port on the machine (tells long name), 3) fingering at the machine. If the machine is apparantly closed off from all access, as 129.55.20.2 was, I use the lserver option of nslookup, and try to find a nameserver that has the machine in its 'ls' display. (I ordinarily wouldn't care about anonymous ftps, but the machine connected to was a PC in an office that I was surprised that anyone had the name for) Anyway, are there better ways to find out where a ftp-er was coming from? By the way- is the password typed by anonymous ftp-ers actually stored anywhere by unmodified ftpd programs? Or is the "type user@host for password" just sent to the bit bucket? -Roger -- "The question of whether a computer can think is no more interesting than the question of whether a submarine can swim" - Edsgar W. Dijkstra rg@[msel|unhd].unh.edu | UNH Marine Systems Engineering Laboratory r_gonzalez@unhh.bitnet | Durham, NH 03824-3525
Kimmo.Suominen@lut.fi (Kimmo Suominen) (03/05/91)
>>>>> On 4 Mar 91 17:23:00 GMT, rg@msel.unh.edu (Roger Gonzalez) said:
Roger> By the way- is the password typed by anonymous ftp-ers actually stored
Roger> anywhere by unmodified ftpd programs? Or is the "type user@host for
Roger> password" just sent to the bit bucket?
At least LUT.FI keeps it safe in its syslog (and yes - of course I am
paranoid ;-) and I would assume others do, too.
--
Kim / Internet: Kimmo.Suominen@lut.fi
"That's what I think." / Bitnet: KIM@FINFILES
rom@mvsun.ericsson.se (Robert Malmgren TK/DG) (03/10/91)
rg@msel.unh.edu (Roger Gonzalez) writes: >Anyway, are there better ways to find out where a ftp-er was coming from? >By the way- is the password typed by anonymous ftp-ers actually stored >anywhere by unmodified ftpd programs? Or is the "type user@host for >password" just sent to the bit bucket? The ftpd server as distributed with 4.2BSD just ignores what the anonymous ftp:er writes for password. Several people has made enhancements to the code to force a DNS address as password which in turn are checked up and saved in a database. One of these changed ftpd can be found at funic.funet.fi if you are interested in checking it out. >-Roger -- Rob ------------------------------------------------------------------------------- Robert Malmgren ! Phone: +46 8 7197937 ! Internet: rom@miranda.ericsson.se MV/ETX/TK/DG ! Fax : +46 8 7196443 ! UUCP: ..uunet!mvsun.ericsson.se!rom Ericsson Telecom ! Home : +46 8 933733 ! SUNET : MINDA::ROBERT