After two and a half years of development, a significant release of the FTP server ProFTPD 1.3.8 has been published. Its strengths are extensibility and functionality; its weakness is the periodic discovery of dangerous vulnerabilities. The corrective release ProFTPD 1.3.7f is available at the same time and will be the last in the ProFTPD 1.3.7 series.
Key innovations in ProFTPD 1.3.8:
- Support has been implemented for the FTP command CSID (Client/Server ID), which can be used to send the server information identifying the client software and to receive in response information identifying the server. For example, the client can send "CSID Name=BSD FTP; Version=7.3" and receive in response "200 Name=ProFTPD; Version=1.3.8; OS=Ubuntu Linux; OSVer=22.04; CaseSensitive=1; DirSep=/;".
- Added support for the "home directory" extension, which expands ~/ and ~user/ paths, to the SFTP protocol implementation. It can be enabled with the "SFTPExtensions homeDirectory" directive.
- Added support to mod_sftp for the AES-GCM ciphers "aes128-gcm@openssh.com" and "aes256-gcm@openssh.com", as well as host key rotation ("SFTPOptions NoHostkeyRotation") using the OpenSSH extensions "hostkeys-00@openssh.com" and "hostkeys-prove-00@openssh.com". Support for enabling the AES-GCM ciphers has been added to the SFTPCiphers directive.
- Added the "--enable-pcre2" option to build with the PCRE2 library instead of PCRE. The ability to choose the regular expression engine among PCRE2, POSIX and PCRE has been added to the RegexOptions directive.
- Added the SFTPHostKeys directive to define the host key algorithms offered to clients by the mod_sftp module.
- Added the FactsDefault directive to explicitly define the list of "facts" returned in MLSD/MLST FTP responses.
- Added the LDAPConnectTimeout directive to define the connection timeout for the LDAP server.
- Added the ListStyle directive, which lets you enable output of directory listings in Windows style.
- The RedisLogFormatExtra directive has been implemented to add custom keys and values to the JSON log written by the RedisLogOnCommand and RedisLogOnEvent directives.
- The MaxLoginAttemptsFromUser parameter has been added to the BanOnEvent directive to restrict specific combinations of user and IP address.
- Added TLS support for connections to the Redis DBMS to the RedisSentinel directive. Added support to the RedisServer directive for the AUTH command syntax used since Redis 6.x.
- Support for ETM (Encrypt-Then-MAC) digests has been added to the SFTPDigests directive.
- Added the ReusePort flag to the SocketOptions directive to enable the SO_REUSEPORT socket mode.
- The AllowSymlinkUpload flag has been added to the TransferOptions directive to restore the ability to upload to symbolic links.
- Support for the "curve448-sha512" key exchange algorithm has been added to the SFTPKeyExchanges directive.
- The ability to include additional files in the allow/deny tables has been added to the mod_wrap2 module.
- The default value of the FSCachePolicy parameter has been changed to "off".
- The mod_sftp module has been adapted for use with the OpenSSL 3.x library.
- Added support for building with the libidn2 library to use internationalized domain names (IDN).
- By default, the ftpasswd utility for generating password hashes now uses the SHA256 algorithm instead of MD5.
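The CSID item above describes a "Key=Value;" exchange in which the client's half is unauthenticated, self-reported text. The following added example (not ProFTPD's own code) parses both sides of that exchange and refuses values that are unsafe to copy into logs or inventories; the key syntax and size limits are assumptions made for this sketch.

```python
import re

# Constructed samples modelled on the CSID exchange quoted in the list above.
CLIENT_CMD = "CSID Name=BSD FTP; Version=7.3"
SERVER_REPLY = ("200 Name=ProFTPD; Version=1.3.8; OS=Ubuntu Linux; "
                "OSVer=22.04; CaseSensitive=1; DirSep=/;")

# Assumptions for this sketch (not taken from ProFTPD or a specification).
KEY_RE = re.compile(r"[A-Za-z][A-Za-z0-9]*")
MAX_FIELDS, MAX_VALUE_LEN = 16, 64


def parse_csid_fields(text):
    """Parse 'Key=Value; Key=Value;' into a dict, rejecting malformed input."""
    fields = {}
    for part in text.split(";"):
        part = part.strip()
        if not part:  # trailing ';' or an empty segment
            continue
        key, sep, value = part.partition("=")
        key, value = key.strip(), value.strip()
        if not sep or not KEY_RE.fullmatch(key):
            raise ValueError(f"malformed CSID field: {part!r}")
        # Embedded CR/LF or other control characters would let a client
        # forge extra lines in any log that records the value verbatim.
        if len(value) > MAX_VALUE_LEN or not value.isprintable():
            raise ValueError(f"unsafe value for {key!r}")
        if key in fields or len(fields) >= MAX_FIELDS:
            raise ValueError("duplicate key or too many fields")
        fields[key] = value
    return fields


def parse_client_command(line):
    """Parse a client 'CSID ...' command line (untrusted input)."""
    verb, _, rest = line.partition(" ")
    if verb.upper() != "CSID":
        raise ValueError("not a CSID command")
    return parse_csid_fields(rest)


def parse_server_reply(line):
    """Parse the server's '200 ...' reply to CSID."""
    code, _, rest = line.partition(" ")
    if code != "200":
        raise ValueError(f"unexpected reply code: {code!r}")
    return parse_csid_fields(rest)
```

Because the client chooses its own Name and Version, the parsed fields are suitable for inventory and troubleshooting, not for access decisions.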
Source: opennet.ru
