Ftp si blocca se tento di trasferire un file che contiene nel nome 'portal'

Gabriele Riva gufi a plcforum.info
Dom 13 Nov 2005 17:42:55 CET


Cristiano Deana <cris a gufi.org> ha scritto:
>Non e' un problema di ftpd, questo e' sicuro.
>
>Piuttosto, cosa c'e' installato su quella macchina? A me puzza di 'IDS' 
>attivo.
>
>Manda l'output di:

># uname -a
FreeBSD ******.it 5.2.1-RELEASE FreeBSD 5.2.1-RELEASE #0: Mon Feb 23
20:45:55 GMT 2004    
root a wv1u.btc.adaptec.com:/usr/obj/usr/src/sys/GENERIC  i386

># sockstat | grep 21
www      httpd      76780 3  tcp4   192.168.0.2:80        82.51.123.214:3397
www      httpd      76779 3  tcp4   192.168.0.2:80        82.51.123.214:3399
root     inetd      720   4  tcp4   *:21                  *:*
root     master     675   21 stream -> ??

># pkg_info
XFree86-libraries-4.3.0_6      
abook-0.5.0         
adcomplain-3.52     
apache-1.3.29_1     
apcupsd-3.10.6      
arc-5.21j           
autoconf-2.13.000227_5 
autoconf-2.57       
automake-1.4.5_9    
bandwidthd-1.1.6    
clamav-0.65_1       
courier-imap-2.2.0,1
cyrus-sasl-1.5.28_2 
expat-1.95.6_1      
fontconfig-2.2.90_3 
freetype2-2.1.5_1   
gd-2.0.15_1,1       
gettext-0.12.1      
glib-1.2.10_10      
glib-2.2.3          
gmake-3.80_1        
gtk-1.2.10_10       
help2man-1.29       
imake-4.3.0_1       
ipfw-graph-1.4      
jpeg-6b_1           
lha-1.14i_2         
libgmp-4.1.2_2      
libiconv-1.9.1_3    
librsync-0.9.6      
libslang-1.4.9      
libtool-1.3.5_1     
libtool-1.4.3_2     
libungif-4.1.0b1_1  
linux_base-7.1_5    
lynx-2.8.4.1d       
m4-1.4_1            
mc-4.6.0_6          
mkisofs-2.0.3       
mrtg-2.10.5_1,1     
mysql-client-3.23.58
mysql-client-4.0.16 
mysql-server-4.0.16 
net-snmp-5.1        
noip-2.0.12         
p5-DBD-mysql-2.9003 
p5-DBI-137-1.37     
p5-IO-INET6-1.28    
p5-SNMP_Session-0.98
p5-Socket6-0.10     
pcre-4.4            
perl-5.6.1_15       
php4-4.3.4_2        
phpMyAdmin-2.5.4    
pkgconfig-0.15.0    
png-1.2.5_2         
popt-1.6.4_1        
portupgrade-20030723
postfix-2.0.16,1    
python-2.3.2_3      
rc_subr-1.16        
rdiff-backup-0.12.3 
rsync-2.5.7         
ruby-1.6.8.2003.10.15 
ruby-bdb1-0.2.1     
ruby-shim-ruby18-1.8.1.p2 
squirrelmail-1.4.2  
tiff-3.6.0          
trafshow-3.1_3      
unarj-2.43_1        
unrar-3.20,2        
unzip-5.50_2        
webalizer-2.1.10_4  
wget-1.8.2_5        
zoo-2.10.1 

># ps wwaux

USER       PID %CPU %MEM   VSZ  RSS  TT  STAT STARTED      TIME COMMAND
root        12 94.1  0.0     0   12  ??  RL   20Oct05 33120:04.54  (idle:
cpu0)
root        11 91.6  0.0     0   12  ??  RL   20Oct05 31923:07.70  (idle:
cpu1)
mysql      749  2.7  7.8 488776 81448  ??  S    20Oct05 1611:24.36
/usr/local/libexec/mysqld --basedir=/usr/local --datadir=/var/db/mysql
--user=mysql --pid-file=/var/db/mysql/plcforum.pid --port=3306
--socket=/tmp/mysql.sock
root         1  0.0  0.0   760  248  ??  ILs  20Oct05   0:00.42 /sbin/init
--
root        13  0.0  0.0     0   12  ??  WL   20Oct05   0:00.00  (irq1:
atkbd0)
root        18  0.0  0.0     0   12  ??  WL   20Oct05   0:00.00  (irq6:
fdc0)
root        26  0.0  0.0     0   12  ??  WL   20Oct05   1:27.26  (irq14:
ata0)
root        27  0.0  0.0     0   12  ??  WL   20Oct05   0:00.00  (irq15:
ata1)
root        28  0.0  0.0     0   12  ??  WL   20Oct05  19:21.23  (irq16:
em0)
root        61  0.0  0.0     0   12  ??  WL   20Oct05  18:18.52  (swi1: net)
root        62  0.0  0.0     0   12  ??  WL   20Oct05  49:30.41  (swi8:
tty:sio clock)
root         2  0.0  0.0     0   12  ??  DL   20Oct05   2:21.23  (g_event)
root         3  0.0  0.0     0   12  ??  DL   20Oct05  12:50.15  (g_up)
root         4  0.0  0.0     0   12  ??  DL   20Oct05   7:56.88  (g_down)
root        64  0.0  0.0     0   12  ??  DL   20Oct05   4:35.97  (random)
root         5  0.0  0.0     0   12  ??  DL   20Oct05   0:00.00  (taskqueue)
root        67  0.0  0.0     0   12  ??  WL   20Oct05   0:00.00  (swi7:
acpitaskq)
root        70  0.0  0.0     0   12  ??  WL   20Oct05   0:00.00  (swi7:
task queue)
root         6  0.0  0.0     0   12  ??  IL   20Oct05   0:00.00 
(acpi_task0)
root         7  0.0  0.0     0   12  ??  IL   20Oct05   0:00.00 
(acpi_task1)
root         8  0.0  0.0     0   12  ??  IL   20Oct05   0:00.00 
(acpi_task2)
root        71  0.0  0.0     0   12  ??  WL   20Oct05   0:00.99  (swi0:
tty:sio)
root         9  0.0  0.0     0   12  ??  DL   20Oct05   0:09.84 
(pagedaemon)
root        72  0.0  0.0     0   12  ??  DL   20Oct05   0:00.00  (vmdaemon)
root        73  0.0  0.0     0   12  ??  DL   20Oct05 131:41.27  (pagezero)
root        74  0.0  0.0     0   12  ??  DL   20Oct05   0:18.74  (bufdaemon)
root        75  0.0  0.0     0   12  ??  DL   20Oct05  56:25.53  (syncer)
root        76  0.0  0.0     0   12  ??  DL   20Oct05   0:15.99  (vnlru)
root        77  0.0  0.0     0   12  ??  IL   20Oct05   0:00.00  (nfsiod 0)
root        78  0.0  0.0     0   12  ??  IL   20Oct05   0:00.00  (nfsiod 1)
root        79  0.0  0.0     0   12  ??  IL   20Oct05   0:00.00  (nfsiod 2)
root        80  0.0  0.0     0   12  ??  IL   20Oct05   0:00.00  (nfsiod 3)
root       349  0.0  0.1  1312  692  ??  Ss   20Oct05   0:17.08
/usr/sbin/syslogd -s
root       497  0.0  0.2  3488 1588  ??  Ss   20Oct05   0:17.49
/usr/sbin/sshd
root       519  0.0  0.1  1336  808  ??  Ss   20Oct05   0:08.52
/usr/sbin/cron
root       540  0.0  0.3  4256 3188  ??  Ss   20Oct05   9:14.17
/usr/local/sbin/httpd
root       548  0.0  0.1  4084 1268  ??  Is   20Oct05   0:38.35
/usr/local/sbin/apcupsd --kill-on-powerfail
root       562  0.0  0.1  1664  796 con- S    20Oct05   0:00.86
/usr/local/libexec/courier-imap/authlib/authdaemond.mysql start
root       564  0.0  0.1  1716 1060 con- S    20Oct05   0:04.11
/usr/local/libexec/courier-imap/authlib/authdaemond.mysql start
root       565  0.0  0.1  1716 1024 con- S    20Oct05   0:04.14
/usr/local/libexec/courier-imap/authlib/authdaemond.mysql start
root       566  0.0  0.1  1696  944 con- S    20Oct05   0:04.31
/usr/local/libexec/courier-imap/authlib/authdaemond.mysql start
root       567  0.0  0.1  1716 1060 con- S    20Oct05   0:04.15
/usr/local/libexec/courier-imap/authlib/authdaemond.mysql start
root       568  0.0  0.1  1716 1024 con- S    20Oct05   0:04.15
/usr/local/libexec/courier-imap/authlib/authdaemond.mysql start
root       572  0.0  0.1  1248  668 con- S    20Oct05   0:01.10 
(couriertcpd)
root       574  0.0  0.1  1204  520 con- I    20Oct05   0:00.27
/usr/local/libexec/courier-imap/courierlogger imapd
root       584  0.0  0.1  1248  668 con- S    20Oct05   0:04.52 
(couriertcpd)
root       586  0.0  0.1  1204  520 con- I    20Oct05   0:02.25
/usr/local/libexec/courier-imap/courierlogger pop3d
root       594  0.0  0.0   924  180 con- I    20Oct05   0:00.01 /bin/sh
/usr/local/bin/mysqld_safe --user=mysql --datadir=/var/db/mysql
--pid-file=/var/db/mysql/plcforum.pid
root       675  0.0  0.1  1920 1136  ??  Ss   20Oct05   0:57.44
/usr/local/libexec/postfix/master
postfix    686  0.0  0.1  2076 1292  ??  S    20Oct05   0:34.38 qmgr -l -t
fifo -u
root       694  0.0  0.1  1332  592  ??  Is   20Oct05   0:00.00
/usr/local/sbin/saslauthd1 -a pam
root       720  0.0  0.1  1416  848  ??  Ss   20Oct05   0:00.83
/usr/sbin/inetd -wW -C 60
root       729  0.0  0.1  1276  716  v0  Is+  20Oct05   0:00.00
/usr/libexec/getty Pc ttyv0
root       730  0.0  0.1  1276  716  v1  Is+  20Oct05   0:00.00
/usr/libexec/getty Pc ttyv1
root       731  0.0  0.1  1276  716  v2  Is+  20Oct05   0:00.00
/usr/libexec/getty Pc ttyv2
root       732  0.0  0.1  1276  716  v3  Is+  20Oct05   0:00.00
/usr/libexec/getty Pc ttyv3
root       733  0.0  0.1  1276  716  v4  Is+  20Oct05   0:00.00
/usr/libexec/getty Pc ttyv4
root       734  0.0  0.1  1276  716  v5  Is+  20Oct05   0:00.00
/usr/libexec/getty Pc ttyv5
root       735  0.0  0.1  1276  716  v6  Is+  20Oct05   0:00.00
/usr/libexec/getty Pc ttyv6
root       736  0.0  0.1  1276  716  v7  Is+  20Oct05   0:00.00
/usr/libexec/getty Pc ttyv7
root       915  0.0  0.1  3712 1468  p0- S    20Oct05   1:28.19 ./bandwidthd
root     68574  0.0  0.0   908  316  ??  I    25Oct05   0:00.00 /bin/sh
/usr/local/etc/apcupsd/apccontrol mainsback UPS_IDEN 1 0
root     68575  0.0  0.0   908  316  ??  I    25Oct05   0:00.00 /bin/sh
/usr/local/etc/apcupsd/mainsback UPS_IDEN 1 0
root     68577  0.0  0.0   908  316  ??  I    25Oct05   0:00.00 /bin/sh
/usr/local/etc/apcupsd/mainsback UPS_IDEN 1 0
root     68578  0.0  0.1  1320  800  ??  I    25Oct05   0:00.00
/usr/bin/mail -s plcforum.it Power has returned root
root     68579  0.0  0.1  3732 1296  ??  S    25Oct05   0:00.65
/usr/local/sbin/apcaccess status
postfix  66015  0.0  0.1  1936 1312  ??  S     4:05PM   0:00.02 pickup -l
-t fifo -u
root     76308  0.0  0.2  6236 2308  ??  Is    5:28PM   0:00.03 sshd:
gabriele [priv] (sshd)
gabriele 76334  0.0  0.2  6220 2376  ??  S     5:28PM   0:00.05 sshd:
gabriele a ttyp0 (sshd)
gabriele 76337  0.0  0.1   956  552  p0  Is    5:28PM   0:00.01 -sh (sh)
root     76345  0.0  0.1  1672 1200  p0  I     5:28PM   0:00.01 su
root     76362  0.0  0.2  2368 1704  p0  S     5:28PM   0:00.04 _su (csh)
www      76968  0.0  1.7 18688 17940  ??  I     5:32PM   0:01.56
/usr/local/sbin/httpd
www      77200  0.0  1.2 12640 11964  ??  S     5:34PM   0:00.61
/usr/local/sbin/httpd
www      77235  0.0  1.2 12708 12036  ??  S     5:34PM   0:01.17
/usr/local/sbin/httpd
www      77237  0.0  1.0 11176 10488  ??  S     5:34PM   0:01.04
/usr/local/sbin/httpd
www      77242  0.7  1.1 12024 11340  ??  S     5:34PM   0:00.82
/usr/local/sbin/httpd
www      77291  0.6  1.0 11032 10356  ??  S     5:34PM   0:00.82
/usr/local/sbin/httpd
www      77306  0.1  1.3 14276 13548  ??  S     5:34PM   0:00.48
/usr/local/sbin/httpd
www      77307  0.0  0.9 10188 9456  ??  S     5:34PM   0:00.39
/usr/local/sbin/httpd
www      77321  0.0  0.8  9496 8736  ??  S     5:34PM   0:00.13
/usr/local/sbin/httpd
www      77369  0.0  1.1 12012 11316  ??  S     5:34PM   0:00.18
/usr/local/sbin/httpd
www      77370  0.0  0.9 10216 9456  ??  S     5:34PM   0:00.13
/usr/local/sbin/httpd
postfix  77440  0.0  0.2  3260 1964  ??  S     5:35PM   0:00.02 smtpd -n
smtp -t inet -u
postfix  77441  0.0  0.1  1924 1300  ??  S     5:35PM   0:00.01 proxymap -t
unix -u
postfix  77442  0.0  0.1  2028 1452  ??  S     5:35PM   0:00.01 cleanup -z
-t unix -u
postfix  77443  0.0  0.1  1984 1404  ??  S     5:35PM   0:00.01
trivial-rewrite -n rewrite -t unix -u
postfix  77444  0.0  0.1  2008 1448  ??  S     5:35PM   0:00.01 smtp -t
unix -u
www      77467  0.7  1.3 14276 13552  ??  S     5:35PM   0:00.24
/usr/local/sbin/httpd
www      77472  0.0  0.8  9496 8740  ??  S     5:35PM   0:00.11
/usr/local/sbin/httpd
www      77473  0.2  0.9 10232 9472  ??  S     5:35PM   0:00.14
/usr/local/sbin/httpd
www      77558  0.0  0.3  4296 3256  ??  S     5:36PM   0:00.00
/usr/local/sbin/httpd
www      77559  0.0  0.3  4296 3256  ??  S     5:36PM   0:00.00
/usr/local/sbin/httpd
www      77560  0.0  0.3  4296 3256  ??  S     5:36PM   0:00.00
/usr/local/sbin/httpd
root         0  0.0  0.0     0    0  ??  ZW   -         0:00.00 
(bandwidthd)
root     77561  0.0  0.1  1412  784  p0  R+    5:36PM   0:00.00 ps wwaux
root         0  0.0  0.0     0    4  ??  DLs  20Oct05   0:06.35  (swapper)
root        10  0.0  0.0     0   12  ??  DL   20Oct05   0:00.00  (ktrace)

Un po' lungo ma c'e' tutto :-)
Tra i pacchetti e i processi elencati a me non sembra vi sia installato un IDS, o sbaglio?
Grazie

