Hi,
My university ftp server lists whole root directory as below.
Quote:
02/01/09 11:48PM <DIR> bin
03/18/08 12:00AM <DIR> boot
01/31/09 06:51AM <DIR> dev
02/06/09 04:11AM <DIR> etc
01/31/09 11:31PM <DIR> home
01/31/09 11:23PM <DIR> home2
08/12/04 12:00AM <DIR> initrd
02/01/09 11:48PM <DIR> lib
03/18/08 12:00AM <DIR> lost+found
01/31/09 06:52AM <DIR> media
12/08/04 12:00AM <DIR> misc
12/06/09 09:38AM <DIR> mnt
08/12/04 12:00AM <DIR> opt
01/31/09 06:50AM <DIR> proc
02/07/09 08:47PM <DIR> root
02/01/09 11:48PM <DIR> sbin
01/31/09 06:50AM <DIR> selinux
08/12/04 12:00AM <DIR> srv
01/31/09 06:50AM <DIR> sys
02/07/09 04:15PM <DIR> tmp
03/18/08 12:00AM <DIR> usr
03/18/08 12:00AM <DIR> var
|
is it normal from security point of view?
In my opinion its a big risk ... even i can go to /boot/grub
any comments??
what is casing this problem? what missconfiguration they might have made? and what could be the countermeasure??
Thanks.