HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials

HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials (http://www.howtoforge.com/forums/index.php)
-   Installation/Configuration (http://www.howtoforge.com/forums/forumdisplay.php?f=27)
-   -   FTP User can see everything in the system tree (http://www.howtoforge.com/forums/showthread.php?t=60437)

Nioubee 4th February 2013 20:29

FTP User can see everything in the system tree
 
1 Attachment(s)
Good evening everyone,

By default when a new user is created he can only see cgi-bin, log, tmp, web and ssl.

But since i installed cacti using an old tutorial based on Ubuntu on my Debian Squeeze server i can now see my entire system tree like i would see it using ssh... What is the fix to repair the FTP ?

See attached file.

best regards,

EDIT: i think i screwed everything...

Quote:

iptables -S (ipv4)
-P INPUT DROP
-P FORWARD DROP
-P OUTPUT ACCEPT
-N INT_IN
-N INT_OUT
-N PAROLE
-N PUB_IN
-N PUB_OUT
-N fail2ban-courierimap
-N fail2ban-courierimaps
-N fail2ban-courierpop3
-N fail2ban-courierpop3s
-N fail2ban-pureftpd
-N fail2ban-sasl
-N fail2ban-ssh
-A INPUT -p tcp -m multiport --dports 993 -j fail2ban-courierimaps
-A INPUT -p tcp -m multiport --dports 25 -j fail2ban-sasl
-A INPUT -p tcp -m multiport --dports 22 -j fail2ban-ssh
-A INPUT -p tcp -m multiport --dports 21 -j fail2ban-pureftpd
-A INPUT -p tcp -m multiport --dports 995 -j fail2ban-courierpop3s
-A INPUT -p tcp -m multiport --dports 110 -j fail2ban-courierpop3
-A INPUT -p tcp -m multiport --dports 143 -j fail2ban-courierimap
-A INPUT -d 127.0.0.0/8 ! -i lo -p tcp -j DROP
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -s 224.0.0.0/4 -j DROP
-A INPUT -i eth+ -j PUB_IN
-A INPUT -i ppp+ -j PUB_IN
-A INPUT -i slip+ -j PUB_IN
-A INPUT -i venet+ -j PUB_IN
-A INPUT -i bond+ -j PUB_IN
-A INPUT -j DROP
-A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -j DROP
-A OUTPUT -o eth+ -j PUB_OUT
-A OUTPUT -o ppp+ -j PUB_OUT
-A OUTPUT -o slip+ -j PUB_OUT
-A OUTPUT -o venet+ -j PUB_OUT
-A OUTPUT -o bond+ -j PUB_OUT
-A INT_IN -p icmp -j ACCEPT
-A INT_IN -j DROP
-A INT_OUT -p icmp -j ACCEPT
-A INT_OUT -j ACCEPT
-A PAROLE -j ACCEPT
-A PUB_IN -p icmp -m icmp --icmp-type 3 -j ACCEPT
-A PUB_IN -p icmp -m icmp --icmp-type 0 -j ACCEPT
-A PUB_IN -p icmp -m icmp --icmp-type 11 -j ACCEPT
-A PUB_IN -p icmp -m icmp --icmp-type 8 -j ACCEPT
-A PUB_IN -p tcp -m tcp --dport 20 -j PAROLE
-A PUB_IN -p tcp -m tcp --dport 21 -j PAROLE
-A PUB_IN -p tcp -m tcp --dport 22 -j PAROLE
-A PUB_IN -p tcp -m tcp --dport 25 -j PAROLE
-A PUB_IN -p tcp -m tcp --dport 53 -j PAROLE
-A PUB_IN -p tcp -m tcp --dport 80 -j PAROLE
-A PUB_IN -p tcp -m tcp --dport 110 -j PAROLE
-A PUB_IN -p tcp -m tcp --dport 143 -j PAROLE
-A PUB_IN -p tcp -m tcp --dport 443 -j PAROLE
-A PUB_IN -p tcp -m tcp --dport 993 -j PAROLE
-A PUB_IN -p tcp -m tcp --dport 995 -j PAROLE
-A PUB_IN -p tcp -m tcp --dport 3306 -j PAROLE
-A PUB_IN -p tcp -m tcp --dport 8080 -j PAROLE
-A PUB_IN -p tcp -m tcp --dport 8081 -j PAROLE
-A PUB_IN -p tcp -m tcp --dport 10000 -j PAROLE
-A PUB_IN -p udp -m udp --dport 53 -j ACCEPT
-A PUB_IN -p udp -m udp --dport 3306 -j ACCEPT
-A PUB_IN -p icmp -j DROP
-A PUB_IN -j DROP
-A PUB_OUT -j ACCEPT
-A fail2ban-courierimap -j RETURN
-A fail2ban-courierimaps -j RETURN
-A fail2ban-courierpop3 -j RETURN
-A fail2ban-courierpop3s -j RETURN
-A fail2ban-pureftpd -j RETURN
-A fail2ban-sasl -j RETURN
-A fail2ban-ssh -s 216.172.110.83/32 -j DROP
-A fail2ban-ssh -j RETURN

ip6tables -S (ipv6)
-P INPUT ACCEPT
-P FORWARD ACCEPT
-P OUTPUT ACCEPT
Do i need to reinstall ISPConfig with the update.php script or restart my VPS from a new fresh install ?

pititis 4th February 2013 23:16

Don't worry, those directories are created by jailkit because you added a jailed shell user/cron job. That's the reason.

Cheers

Nioubee 5th February 2013 08:38

Quote:

Originally Posted by pititis (Post 291589)
Don't worry, those directories are created by jailkit because you added a jailed shell user/cron job. That's the reason.

Cheers

Oh sorry, i just checked inside another website and you were right, thank-you !


All times are GMT +2. The time now is 19:54.

Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.