This can be a warning to anybody using Interland his or her host company, running NT and Frontpage extensions.

My website was utilized through the anonymous FTP account with a user attached to Home.com. The consumer situated among the hidden sites produced through the frontpage extensions, and submitted roughly 600Mb of Star Wars game data.

It was completed with the conventional Interland security configuration in position. I've informed them that this is actually the situation. However, for those who have an Interland account, I recommend that you simply disable anonymous FTP access altogether and repair any download provisions you've via HTTP until they are able to develop a great resolution.

PS Before anybody asks, the anonymous FTP provision had been employed for an objective - software evualation downloads, therefore it wasn't just left open accidentally.

Training learned - attempt to crack to your website via as numerous apparent routes as you possibly can. I decided to done that, but never considered the hidden FP extensions sites!

You might find this short article very worthwhile which touches on NT security and Interland's actions in the region...
http://www.webtechniques.com/archives/2000/04/newman/

N
Hello,

The issue you're getting, was one significant problem the earlier FrontPage's software ported to Linux had. Permitting customers to see the FrontPage directory That contains the FrontPage password file. Then all of the cracker (insufficient a much better word) would need to do is obtain a program like "Jack the Ripper" and crack the password on the website nice safe computer, Sign in using their newly discovered password and do the things they like.

Although I'm not a specialist from the NT version from the FrontPage client, the issue might be related. It is best to determine precisely how badly you should utilize this FrontPage support. If the reply is "Not much" then It is best to speak to your host and encourage them to disable the FrontPage support for the account. Would save lots of head aches.

Hope this can help.




------------------
[ Jason Berresford ]
www.can-host.com
admin@can-host.com
[ (905)765-8140 ]
Jason,

It had not been a loop hole in Frontpage (despite the fact that you will find some!), it had been a loop hole within the standard security configurations of Interlands NT setup. Bascially there is a ftp-user account that's utilized by anonymous FTP customers. Normally, the account might have no use of every directory, aside from read access around the anonymous tree. Interland, generally, did that however they didn't remember to consider the hidden sites produced by FP, and were set at full access!
triumph595,

Just info, when i stated I am no expert if this involves home windows NT. That information should prove useful for future years




------------------
[ Jason Berresford Admin]
[ http://www.can-host.com ]
[ Admin@can-host.com ]
[ (905)765-8140 ]
  • 1