[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[suse-security] cannot access ftp server -- getpeername (in.ftpd): Transport endpoint is not connected



Hello,

maybe one of you can help me with this problem. I am posting it here because it seems to be caused by a security mechanism.

The ftp server on a web/mail/inet-gateway machine I am taking care of can 
no longer be accessed, ever since one of the secretaries decided to 
switch it off and on again because she could not access her files on a 
Windows server. I have made some changes on the ipchains rules since 
then, but ftp is open on the internal interface.

Anyway, access is possible neither from the LAN, nor from the machine 
itself when I am logged on via ssh. 

I get this message on the shell:
***
# ftp localhost
Trying ::1...
ftp: connect to address ::1: Connection refused
Trying 127.0.0.1...
Connected to localhost.
421 Service not available, remote server has closed connection.
***

and this turns up both in /var/log/warn and /var/log/messages:
***
May 17 13:01:01 server in.ftpd[12726]: warning: can't get client address: 
Invalid argument
May 17 13:01:01 server ftpd[12726]: getpeername (in.ftpd): Transport 
endpoint is not connected
May 17 13:01:01 server inetd[813]: /usr/sbin/tcpd: exit status 0x1
May 17 13:01:01 server in.ftpd[12727]: warning: can't get client address: 
Invalid argument
May 17 13:01:01 server ftpd[12727]: getpeername (in.ftpd): Transport 
endpoint is not connected
May 17 13:01:01 server inetd[813]: /usr/sbin/tcpd: exit status 0x1
May 17 13:01:01 server in.ftpd[12728]: warning: can't get client address: 
Invalid argument
May 17 13:01:01 server ftpd[12728]: getpeername (in.ftpd): Transport 
endpoint is not connected
May 17 13:01:01 server inetd[813]: /usr/sbin/tcpd: exit status 0x1
May 17 13:01:01 server inetd[813]: ftp/tcp server failing (looping), 
service terminated
***

... repeated over and over again, with rising pids.
Trying other ftp servers (by changing inetd.conf) resulted in the same, 
with in.ftpd changed to proftpd etc.
BTW, the name of the machine is included in /etc/hosts.

Have any of you had that problem? Please help, running out of time... 
Looking for old threads that included these error messages only turned up 
tons of hacking-related questions.

Thank you!

Matthias