NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.
Forum Discussion
ReadyNAS Duo V2: Strange FTP behaviour
Hi All,
I am using ReadyNAS Duo V2 RAIDiator 5.3.8 and set up FTP access. I created a user and a share, gave the user FTP permissions and I can login via FTP. HOWEVER: if I list the files via DIR or LS I can see log and system files of my ReadyNAS!? It looks like this:
[DE134904.urs] → ftp xxx.example.com
Connected to ftp.example.com
220 ProFTPD 1.3.3g Server (NETGEAR ReadyNAS) [xx.xx.xx.xx]
Name: <username>
331 Password required for <username>
Password:
230 User <username> logged in
Remote system type is UNIX.
Using binary mode to transfer files.
ftp> ls
200 PORT command successful
150 Opening ASCII mode data connection for file list
-rw-r--r-- 1 root root 0 Jul 11 15:48 4hm_core_heartbeat
-rw-r--r-- 1 admin admin 11237 May 31 2012 Backup10349
-rw-r--r-- 1 admin admin 11236 May 31 2012 Backup2867
-rw-r--r-- 1 admin admin 11227 May 31 2012 Backup3569
-rw-r--r-- 1 admin admin 11227 May 31 2012 Backup7668
-rw-r--r-- 1 root root 86093824 Feb 9 11:08 RAIDiator-arm-5.3.7
-rw-r--r-- 1 root root 103 Jul 11 02:00 add.sbin
drwxr-xr-x 2 admin admin 4096 Jun 29 18:10 addons
-rw-r--r-- 1 root root 1431 May 27 2012 backup_004_copy.log.1
-rw-r--r-- 1 root root 98721 Jul 10 20:06 backup_006_copy.log.1
-rw-r--r-- 1 root root 3915 Feb 3 20:05 backup_007_copy.log.1
-rw-r--r-- 1 root root 7258 Jul 8 20:05 backup_009_copy.log.1
-rw-r--r-- 1 root root 102207 May 23 19:11 backup_010_copy.log.1
-rw-r--r-- 1 root root 16942 Jul 10 20:10 backup_012_copy.log.1
-rw-r--r-- 1 root root 2670336 May 30 2012 backup_013_copy.log.1
-rw-r--r-- 1 root root 24751 May 5 12:45 backup_017_copy.log.1
-rw-r--r-- 1 root root 47 Jan 4 2013 backup_button_jobs.11548
-rw-r--r-- 1 root root 47 Dec 22 2012 backup_button_jobs.1360
<... and so on ..>>
I can even create a new directory and upload files :-((
Do I make a mistake or is this a serious securiyt issue?
Thanks for any hint ...
I am using ReadyNAS Duo V2 RAIDiator 5.3.8 and set up FTP access. I created a user and a share, gave the user FTP permissions and I can login via FTP. HOWEVER: if I list the files via DIR or LS I can see log and system files of my ReadyNAS!? It looks like this:
[DE134904.urs] → ftp xxx.example.com
Connected to ftp.example.com
220 ProFTPD 1.3.3g Server (NETGEAR ReadyNAS) [xx.xx.xx.xx]
Name: <username>
331 Password required for <username>
Password:
230 User <username> logged in
Remote system type is UNIX.
Using binary mode to transfer files.
ftp> ls
200 PORT command successful
150 Opening ASCII mode data connection for file list
-rw-r--r-- 1 root root 0 Jul 11 15:48 4hm_core_heartbeat
-rw-r--r-- 1 admin admin 11237 May 31 2012 Backup10349
-rw-r--r-- 1 admin admin 11236 May 31 2012 Backup2867
-rw-r--r-- 1 admin admin 11227 May 31 2012 Backup3569
-rw-r--r-- 1 admin admin 11227 May 31 2012 Backup7668
-rw-r--r-- 1 root root 86093824 Feb 9 11:08 RAIDiator-arm-5.3.7
-rw-r--r-- 1 root root 103 Jul 11 02:00 add.sbin
drwxr-xr-x 2 admin admin 4096 Jun 29 18:10 addons
-rw-r--r-- 1 root root 1431 May 27 2012 backup_004_copy.log.1
-rw-r--r-- 1 root root 98721 Jul 10 20:06 backup_006_copy.log.1
-rw-r--r-- 1 root root 3915 Feb 3 20:05 backup_007_copy.log.1
-rw-r--r-- 1 root root 7258 Jul 8 20:05 backup_009_copy.log.1
-rw-r--r-- 1 root root 102207 May 23 19:11 backup_010_copy.log.1
-rw-r--r-- 1 root root 16942 Jul 10 20:10 backup_012_copy.log.1
-rw-r--r-- 1 root root 2670336 May 30 2012 backup_013_copy.log.1
-rw-r--r-- 1 root root 24751 May 5 12:45 backup_017_copy.log.1
-rw-r--r-- 1 root root 47 Jan 4 2013 backup_button_jobs.11548
-rw-r--r-- 1 root root 47 Dec 22 2012 backup_button_jobs.1360
<... and so on ..>>
I can even create a new directory and upload files :-((
Do I make a mistake or is this a serious securiyt issue?
Thanks for any hint ...
9 Replies
Replies have been turned off for this discussion
- fixed by remote access
- Yes, I can confirm it has been fixed by support. Many thanks for your help.
- I know this is an old one, sorry for dragging it up. This is the same problem I am having but support wont help as I am out of warranty, can anybody help further?
- what firmware version are you running ? can you PM me a remote access then I can take a look .
- I am running the latest firmware for the ReadyNas Duo V2. I have managed to changed my proftpd user.conf file to read DefaultRoot ~ instead of DefaultRoot ~Ftp and it now goes straight to the home user folder for the user logged in. The problem I then had was that this file is overwritten on reboot so I used a script I found somewhere else that overwrites the User.conf in the proftpd folder with one I have made stored somewhere else so it remains with the access provided. The thing I am trying to figure out is why it was incorrect and rooting to that folder when I have never used FTP on the NAS before.
Any further suggestions of a better fix would be appreciated but I think I am OK right now.
The post i used to figure it out was
http://www.readynas.com/forum/viewtopic.php?t=23735
To get the script to run though I had to put it in crontab using @reboot as the symbolic link did not seem to work. seanws78 wrote: I am running the latest firmware for the ReadyNas Duo V2. I have managed to changed my proftpd user.conf file to read DefaultRoot ~ instead of DefaultRoot ~Ftp and it now goes straight to the home user folder for the user logged in. The problem I then had was that this file is overwritten on reboot so I used a script I found somewhere else that overwrites the User.conf in the proftpd folder with one I have made stored somewhere else so it remains with the access provided. The thing I am trying to figure out is why it was incorrect and rooting to that folder when I have never used FTP on the NAS before.
Any further suggestions of a better fix would be appreciated but I think I am OK right now.
The post i used to figure it out was
viewtopic.php?t=23735
To get the script to run though I had to put it in crontab using @reboot as the symbolic link did not seem to work.
"DefaultRoot ~ftp" means /home/ftp , were the files you saw in this directory ?- No, they were not. The directory that it took me to, I could not even find after a while looking around in the box via SSH.
There was no FTP folder in my home directory and even when i put one there it still wasn't there.
DefaultRoot ~ seems to have fixed it. - UPDATE
using @reboot in the crontab does work but whatever process overwrites the User.conf file for proftpd runs after the 60 seconds in the reboot. I increase the sleep to 180 and I see the user.conf change to ~ftp and then later change to ~. seanws78 wrote: No, they were not. The directory that it took me to, I could not even find after a while looking around in the box via SSH.
There was no FTP folder in my home directory and even when i put one there it still wasn't there.
DefaultRoot ~ seems to have fixed it.
a little strange, my box had it and ftp login will be in /home/ftp. Does your /etc/password include sth like the following ?
$ cat /etc/passwd | grep ftp
ftp:x:97:97::/home/ftp:/bin/false
NETGEAR Academy
Boost your skills with the Netgear Academy - Get trained, certified and stay ahead with the latest Netgear technology!
Join Us!
