Newsgroups: comp.sys.mac.comm Path: utzoo!utgpu!cunews!bnrgate!bwdls61!bnr.ca!bschmidt From: bschmidt@bnr.ca (Ben Schmidt (BNR)) Subject: Re: Telnet INTO a Mac ? Message-ID: <1991Mar15.200621.15994@bwdls61.bnr.ca> Sender: usenet@bwdls61.bnr.ca (Use Net) References:<1991Mar14.011826.18836@marlin.jcu.edu.au> <18365@milton.u.washington.edu> <1991Mar14.060604.19964@PacBell.COM> <1991Mar15.141509.1224@watserv1.waterloo.edu> Organization: Bell-Northern Research Date: Fri, 15 Mar 1991 20:06:21 GMT In article <1991Mar15.141509.1224@watserv1.waterloo.edu> psych@watserv1.waterloo.edu (R. Crispin - Psychology) writes: > A caution if you use NCSA Telnet to allow FTP to the MAC. YOU CANNOT > RESTRICT ACCESS IN ANY WAY. People could FTP to your MAC and GET or > DELETE or PUT anything, anywhere. I wanted to do this since my machine has > our usergroups disk attached and I wanted to let people have access to the > files on it. Richard, in your particular case, you can take advantage of the fact that the files which you want to make network accessible via ftp, are on a separate volume: While you can certainly "cd .." to a parent directory on your Mac *within* the current volume, you can't "cd" to a separate volume on your Mac, through NCSA Telnet's FTP server, without first knowing the name of the volume to which you want to switch. Therefore if you set the transfer directory of your ftp server to the separate usergroups disk you mentioned, users coming into your Mac will only be able to "cd" back to your startup disk *if* they know it's name. (i.e. by executing cd ":Richard's internal harddisk") Keep the name of your startup or any other disk(s) a secret. To further hinder users coming in through ftp, introduce a few non-ascii, and preverably non-displayable characters into your startup disk name as well. (Many FTP clients have problems switching to volumes with non-ascii characters in the target volume name, even if they somehow discover the name of your startup volume.) As an alternative approach TCP/Connect II from InterCon has provision for anonymous ftp and restricting ftp access in it's ftp server implementation. Ben Schmidt Information Technology, Bell-Northern Research bschmidt@bnr.ca FAX:(613) 763-3283 /* My opinions, not BNR's */