How can I tell what ftp software I have running?

mtn356 · 10-27-2003, 06:11 PM

We are running Red Hat 2.1 as
I know there is a ftp service running.
Is there anyway I can find out what it is?

trickykid · 10-27-2003, 06:29 PM

Redhat usually defaults and ships with wu-ftpd as the default FTP server. But that's with Redhat 9 and Professional editions, not sure about 2.1 which is the Enterprise edition, etc.

In some cases it will be launced or started from xinetd, I would check your config there to find out as at times it could also be using proftpd as well.

chr15t0 · 10-27-2003, 06:30 PM

Code:

ps -ef | grep ftp

you should see an ftp daemon process like proftpd or vsftpd or wuftpd. Alternatively, you might find it's listed in your /etc/xinetd.conf - ie you might have an ftp server that's configured to run over inetd rather than standalone.

hth
christo

mtn356 · 10-28-2003, 09:40 AM

Nothing with ftp.

Here is what I have does this help?

UID PID PPID C STIME TTY TIME CMD
root 1 0 0 Oct24 ? 00:00:06 init [3]
root 2 1 0 Oct24 ? 00:00:00 [keventd]
root 3 1 0 Oct24 ? 00:00:00 [kapm-idled]
root 4 0 0 Oct24 ? 00:00:00 [ksoftirqd_CPU0]
root 5 0 0 Oct24 ? 00:00:00 [kswapd]
root 6 0 0 Oct24 ? 00:00:00 [kreclaimd]
root 7 0 0 Oct24 ? 00:00:00 [bdflush]
root 8 0 0 Oct24 ? 00:00:00 [kupdated]
root 9 1 0 Oct24 ? 00:00:00 [mdrecoveryd]
root 13 1 0 Oct24 ? 00:00:00 [kjournald]
root 126 1 0 Oct24 ? 00:00:00 [kjournald]
root 127 1 0 Oct24 ? 00:00:00 [kjournald]
root 489 1 0 Oct24 ? 00:00:00 syslogd -m 0
root 494 1 0 Oct24 ? 00:00:00 klogd -2
root 563 1 0 Oct24 ? 00:00:00 /usr/sbin/sshd
root 598 1 0 Oct24 ? 00:00:00 xinetd -stayalive -pidfile /var/run/xinetd.pid
ntp 617 1 0 Oct24 ? 00:00:00 ntpd -U ntp
root 646 1 0 Oct24 ? 00:00:00 sendmail: accepting connections
root 670 1 0 Oct24 ? 00:00:01 /usr/sbin/httpd -DHAVE_ACCESS -DHAVE_PROXY -DHAVE_AUTH_ANON -DHAVE_ACTIONS -DH
root 696 1 0 Oct24 ? 00:00:00 crond
daemon 732 1 0 Oct24 ? 00:00:00 /usr/sbin/atd
root 751 1 0 Oct24 ? 00:00:01 rhnsd --interval 240
root 778 1 0 Oct24 ? 00:00:01 portsentry -stcp
root 780 1 0 Oct24 ? 00:00:00 portsentry -udp
root 787 1 0 Oct24 ? 00:00:00 /usr/bin/perl /usr/local/webmin-1.090/miniserv.pl /etc/webmin/miniserv.conf
root 791 1 0 Oct24 tty1 00:00:00 /sbin/mingetty tty1
root 792 1 0 Oct24 tty2 00:00:00 /sbin/mingetty tty2
root 793 1 0 Oct24 tty3 00:00:00 /sbin/mingetty tty3
root 794 1 0 Oct24 tty4 00:00:00 /sbin/mingetty tty4
root 795 1 0 Oct24 tty5 00:00:00 /sbin/mingetty tty5
root 796 1 0 Oct24 tty6 00:00:00 /sbin/mingetty tty6
apache 14078 1 0 Oct27 ? 00:00:00 /opt/coldfusionmx/bin/cfusion -autorestart -start default
apache 14081 14078 0 Oct27 ? 00:00:09 /opt/coldfusionmx/bin/cfusion -start default
apache 14082 14081 0 Oct27 ? 00:00:00 /opt/coldfusionmx/bin/cfusion -start default
apache 14083 14082 0 Oct27 ? 00:00:00 /opt/coldfusionmx/bin/cfusion -start default
apache 14084 14082 0 Oct27 ? 00:04:50 /opt/coldfusionmx/bin/cfusion -start default
apache 14085 14082 0 Oct27 ? 00:00:00 /opt/coldfusionmx/bin/cfusion -start default
apache 14086 14082 0 Oct27 ? 00:00:00 /opt/coldfusionmx/bin/cfusion -start default
apache 14087 14082 0 Oct27 ? 00:00:00 /opt/coldfusionmx/bin/cfusion -start default
apache 14088 14082 0 Oct27 ? 00:00:00 /opt/coldfusionmx/bin/cfusion -start default
apache 14089 14082 0 Oct27 ? 00:00:00 /opt/coldfusionmx/bin/cfusion -start default
apache 14090 14082 0 Oct27 ? 00:00:09 /opt/coldfusionmx/bin/cfusion -start default
apache 14091 14082 0 Oct27 ? 00:00:08 /opt/coldfusionmx/bin/cfusion -start default
apache 14092 14082 0 Oct27 ? 00:00:00 /opt/coldfusionmx/bin/cfusion -start default
apache 14094 14082 0 Oct27 ? 00:00:00 /opt/coldfusionmx/bin/cfusion -start default
apache 14095 14082 0 Oct27 ? 00:00:00 /opt/coldfusionmx/bin/cfusion -start default
apache 14096 14082 0 Oct27 ? 00:00:00 /opt/coldfusionmx/bin/cfusion -start default
apache 14097 14082 0 Oct27 ? 00:00:00 /opt/coldfusionmx/bin/cfusion -start default
apache 14098 14082 0 Oct27 ? 00:00:00 /opt/coldfusionmx/bin/cfusion -start default
apache 14099 14082 0 Oct27 ? 00:00:00 /opt/coldfusionmx/bin/cfusion -start default
apache 14100 14082 0 Oct27 ? 00:00:00 /opt/coldfusionmx/bin/cfusion -start default
apache 14101 14082 0 Oct27 ? 00:00:00 /opt/coldfusionmx/bin/cfusion -start default
apache 14102 14082 0 Oct27 ? 00:00:00 /opt/coldfusionmx/bin/cfusion -start default
apache 14129 14082 0 Oct27 ? 00:00:00 /opt/coldfusionmx/bin/cfusion -start default
apache 14130 14082 0 Oct27 ? 00:00:00 /opt/coldfusionmx/bin/cfusion -start default
apache 14131 14082 0 Oct27 ? 00:00:00 /opt/coldfusionmx/bin/cfusion -start default
apache 14132 14082 0 Oct27 ? 00:00:00 /opt/coldfusionmx/bin/cfusion -start default
apache 14133 14082 0 Oct27 ? 00:00:00 /opt/coldfusionmx/bin/cfusion -start default
apache 14134 14082 0 Oct27 ? 00:00:00 /opt/coldfusionmx/bin/cfusion -start default
apache 14135 14082 0 Oct27 ? 00:00:00 /opt/coldfusionmx/bin/cfusion -start default
apache 14136 14082 0 Oct27 ? 00:00:00 /opt/coldfusionmx/bin/cfusion -start default
apache 14137 14082 0 Oct27 ? 00:00:00 /opt/coldfusionmx/bin/cfusion -start default
apache 14138 14082 0 Oct27 ? 00:00:00 /opt/coldfusionmx/bin/cfusion -start default
apache 14139 14082 0 Oct27 ? 00:00:00 /opt/coldfusionmx/bin/cfusion -start default
apache 14207 14082 0 Oct27 ? 00:00:00 /opt/coldfusionmx/bin/cfusion -start default
apache 15399 14082 0 02:47 ? 00:00:00 /opt/coldfusionmx/bin/cfusion -start default
apache 15705 670 0 04:02 ? 00:00:00 /usr/sbin/httpd -DHAVE_ACCESS -DHAVE_PROXY -DHAVE_AUTH_ANON -DHAVE_ACTIONS -DH
apache 15706 670 0 04:02 ? 00:00:00 /usr/sbin/httpd -DHAVE_ACCESS -DHAVE_PROXY -DHAVE_AUTH_ANON -DHAVE_ACTIONS -DH
apache 15707 670 0 04:02 ? 00:00:00 /usr/sbin/httpd -DHAVE_ACCESS -DHAVE_PROXY -DHAVE_AUTH_ANON -DHAVE_ACTIONS -DH
apache 15708 670 0 04:02 ? 00:00:00 /usr/sbin/httpd -DHAVE_ACCESS -DHAVE_PROXY -DHAVE_AUTH_ANON -DHAVE_ACTIONS -DH
apache 15709 670 0 04:02 ? 00:00:00 /usr/sbin/httpd -DHAVE_ACCESS -DHAVE_PROXY -DHAVE_AUTH_ANON -DHAVE_ACTIONS -DH
apache 15710 670 0 04:02 ? 00:00:00 /usr/sbin/httpd -DHAVE_ACCESS -DHAVE_PROXY -DHAVE_AUTH_ANON -DHAVE_ACTIONS -DH
apache 15711 670 0 04:02 ? 00:00:00 /usr/sbin/httpd -DHAVE_ACCESS -DHAVE_PROXY -DHAVE_AUTH_ANON -DHAVE_ACTIONS -DH
apache 15712 670 0 04:02 ? 00:00:00 /usr/sbin/httpd -DHAVE_ACCESS -DHAVE_PROXY -DHAVE_AUTH_ANON -DHAVE_ACTIONS -DH
apache 15738 14082 0 04:02 ? 00:00:00 /opt/coldfusionmx/bin/cfusion -start default
root 16163 563 0 09:17 ? 00:00:00 /usr/sbin/sshd
root 16164 16163 0 09:18 pts/0 00:00:00 -bash
root 16230 563 0 09:31 ? 00:00:00 /usr/sbin/sshd
root 16231 16230 0 09:32 pts/1 00:00:00 -bash
root 16332 16231 0 09:37 pts/1 00:00:00 ps -ef

chr15t0 · 10-28-2003, 04:24 PM

well it looks like there isn't an ftp server running.. what makes you think there is ?

christo

mtn356 · 10-28-2003, 04:27 PM

because i can ftp to it and log in with whatever user i create.

trickykid · 10-28-2003, 04:54 PM

Like I mentioned in my first response, most FTP daemons that are running with default installations will be started from the inetd or xinetd daemons, etc. Look there to find which one your running.

chr15t0 · 10-28-2003, 04:57 PM

netstat -tpl | grep ftp

chr15t0 · 10-28-2003, 05:08 PM

aye trickykid's right - the result is that the daemon will only run when it's called, you do really need to show us the contents of your /etc/xinetd.conf or /etc/inetd.conf

mtn356 · 10-28-2003, 05:20 PM

Here ya go.

#
# Simple configuration file for xinetd
#
# Some defaults, and include /etc/xinetd.d/

defaults
{
instances = 60
log_type = SYSLOG authpriv
log_on_success = HOST PID
log_on_failure = HOST
cps = 25 30
}

includedir /etc/xinetd.d

____________________________________________

# /etc/identd.conf - an example configuration file

#-- The syslog facility for error messages
# syslog:facility = daemon

#-- User and group (from passwd database) to run as
server:user = ident

#-- Override the group id
server:group = ident

#-- What port to listen on when started as a daemon or from /etc/inittab
# server

ort = 113

#-- The socket backlog limit
# server:backlog = 256

#-- Where to write the file containing our process id
server

id-file = "/var/run/identd.pid"

#-- Maximum number of concurrent requests allowed (0 = unlimited)
# server:max-requests = 0

#-- Enable some protocol extensions like "VERSION" or "QUIT"
protocol:extensions = enabled

#-- Allow multiple queries per connection. This slightly breaks RFC1413
protocol:multiquery = enabled

#-- Timeout in seconds since connection or last query. Zero = disable
# protocol:timeout = 120

#-- Maximum number of threads doing kernel lookups
kernel:threads = 2

#-- Maximum number of queued kernel lookup requests
# kernel:buffers = 32

#-- Maximum number of time to retry a kernel lookup in case of failure
# kernel:attempts = 5

#-- Disable username lookups (only return uid numbers)
# result:uid-only = no

#-- Enable the ".noident" file
# result:noident = enabled

#-- Charset token to return in replies
# result:charset = "US-ASCII"

#-- Opsys token to return in replies
# result

psys = "UNIX"

#-- Log all request replies to syslog (none == don't)
# result:syslog-level = none

#-- Enable encryption (only available if linked with a DES library)
result:encrypt = yes

#-- Path to the DES key file (only available if linked with a DES library)
encrypt:key-file = "/etc/identd.key"

#-- Include a machine local configuration file
# include = /etc/identd.conf