Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss

warez issue

0 views
Skip to first unread message

tro...@my-deja.com

unread,
Sep 24, 2000, 3:00:00 AM9/24/00
to
The company I work for has a large file system and is open to user
uploads.. The problem I am running into is an influx of warez.. I was
wondering if there is any advanced scripts or software out there that
is specifically designed to hunt down warez and log their location.
This would save me the time of having to writing a script to deal with
this. Plus I guess no matter how good the software is there is always a
way around it, but our mounts are filling up and we need a quicker way
to remove warez than the simplistic size and name comparisons I've been
using. BTW the systems in question are sun/solaris thanks for any help.

Chris


Sent via Deja.com http://www.deja.com/
Before you buy.

Alan Strassberg

unread,
Sep 24, 2000, 3:00:00 AM9/24/00
to

Check out:
http://www.proftpd.net/

Search for "warez" in the FAQ for ideas how to protect yourself.

alan

Nate Eldredge

unread,
Sep 24, 2000, 3:00:00 AM9/24/00
to
tro...@my-deja.com writes:

> The company I work for has a large file system and is open to user
> uploads..

Don't do that.

> The problem I am running into is an influx of warez.. I was
> wondering if there is any advanced scripts or software out there that
> is specifically designed to hunt down warez and log their location.
> This would save me the time of having to writing a script to deal with
> this. Plus I guess no matter how good the software is there is always a
> way around it, but our mounts are filling up and we need a quicker way
> to remove warez than the simplistic size and name comparisons I've been
> using. BTW the systems in question are sun/solaris thanks for any help.

I doubt there is any good way to identify warez automatically. I
would do it on a social level: when you find something suspicious,
demand that the owner explain his/herself. For added effect, threaten
to inform their boss or call the FBI.

--

Nate Eldredge
neld...@hmc.edu

Jefferson Ogata

unread,
Sep 24, 2000, 3:00:00 AM9/24/00
to
tro...@my-deja.com wrote:
>
> The company I work for has a large file system and is open to user
> uploads.. The problem I am running into is an influx of warez.. I was

> wondering if there is any advanced scripts or software out there that
> is specifically designed to hunt down warez and log their location.
> This would save me the time of having to writing a script to deal with
> this. Plus I guess no matter how good the software is there is always a
> way around it, but our mounts are filling up and we need a quicker way
> to remove warez than the simplistic size and name comparisons I've been
> using. BTW the systems in question are sun/solaris thanks for any help.
>
> Chris

Generally warez problems occur on sites providing writable upload directories
for anonymous users. Is this what you mean by "open to user uploads"?

The trick is to configure things in one of two ways:

1. (OK method): make upload directory writable, but unreadable to anonymous
users. Thus the contents of your public directory can't be listed. This
discourages warez uploaders because they have to provide full pathnames for
anyone else to download what they put on your site.

2. (Better method): make uploaded files unreadable by the anonymous user. Thus
you can upload all you like, but you can't download any of it without a
different, authenticated form of access. This discourages warez uploaders
because it is pointless for them to upload to your site.

In both cases, be sure to control directory ownership, directory creation, and
chmod permissions to prevent anonymous users from altering the permissions on
the upload directory or uploaded files, or from creating subdirectories with
permissions allowing abuse.

Both of these configurations are possible using wu-ftpd. Read the ftpaccess man
page thoroughly and understand it, and you'll get the idea. Be sure to use the
latest version of wu-ftpd; it had a remote root exploit until 2.6.1.

--
Jefferson Ogata : Internetworker, Antibozo
<og...@antibozo-u-spam-u-die.net> http://www.antibozo.net/ogata/
whois: jo...@whois.networksolutions.com

Barry Margolin

unread,
Sep 25, 2000, 3:00:00 AM9/25/00
to
In article <8qllsd$br9$1...@bob.news.rcn.net>,

Jefferson Ogata <og...@antibozo-u-spam-u-die.net> wrote:
>The trick is to configure things in one of two ways:
>
>1. (OK method): make upload directory writable, but unreadable to anonymous
>users. Thus the contents of your public directory can't be listed. This
>discourages warez uploaders because they have to provide full pathnames for
>anyone else to download what they put on your site.

This method is mostly ineffective. Warez distributors simply upload a file
containing a list of all the files, and give this a well-known name. Most
warez downloaders know about this trick.

>2. (Better method): make uploaded files unreadable by the anonymous user. Thus
>you can upload all you like, but you can't download any of it without a
>different, authenticated form of access. This discourages warez uploaders
>because it is pointless for them to upload to your site.

This was the technique we used at a site I admin'ed. The only issue with
it is that when you first do it, the warez distributors may get mad and
retaliate by uploading a ton of crap to fill the disk.

--
Barry Margolin, bar...@genuity.net
Genuity, Burlington, MA
*** DON'T SEND TECHNICAL QUESTIONS DIRECTLY TO ME, post them to newsgroups.
Please DON'T copy followups to me -- I'll assume it wasn't posted to the group.

0 new messages