TFTP Server

[mmaki]

I'm trying to get a TFTP server running on Debian. I'm starting the server with

in.tftpd -l /tmp

seems to start OK. I see an in.tftpd process.

I can connect to the server but if I try to get or put a file I get "Error code 2: Access violation"

/tmp is world readable and I placed a world readable file there.

I have commented out all entries in hosts.allow and hosts.deny.

An namp scan of the server only shows ports 68 (dhcpclient) and 6000 (X11) open. No port 69 as the /etc/services list for tftp.

Is there a log for tftpd that can give me more info?

Anything else I could have missed?

 

[spidey07]

I'm not familiar with that tftp server but.

tftp runs over udp, I can't remember if nmap tries udp ports

seems like your access rights are OK, is there some kind of .conf file that tells the tftp process where the root is?

 

[mmaki]

Can I delet this?

 

[mmaki]

I see there is a bug in this forum. I clicked post before I logged on, then logged on and it posted a blank reply. Any way...

The command in.tftpd -l /tmp starts the tftp daemon in stand alone mode (-l) using the /tmp directory as the tftp root directory. nmap does scan udp ports. I know this because I scanned an XP box running a little Windows tftp server and it found it.

Thanks for the reply though.

 

[n0cmonkey]

Check your configuration files. Chances are there is something that limits who can do what. I don't have Debian set up right now, so I can't check.

 

[Fallen Kell]

ooo... Bad boy... tftp is bad thing to use unless you actually need to use tftp. TFTP, or Trivial File Transfer Protocal, is basically an anonomous ftp server. No authentication is used for connections. The only reason this protocol exists is because it was mainly used for diskless clients who load their OS services from a boot server. The diskless clients have no way of knowing what they are or what to do other then issue an ARP paket request basically saying "I exist and am online." A boot server will then recognise that packet and issue a response and then the diskless client will connect to the boot server using tftp.

Basically if you want to do anonomyous ftp, just use a normal ftp deamon and open up the permissions to allow anonomyous connections (its in the config files normally). TFTP should not be used for this application. It is nothing but a huge security risk.

 

[mmaki]

I agree and understand the vulnerabilities tftp. It is only for a temporary situation to upload an IOS to Cisco router. I'm a little bummed because I had to break down and use some little WIN32 tftp app to do it. Couldn't get the Linux one to connect. I was trying KNOPPIX from a bootable CD and also a Debian install but both gave the same results. I'm sure there is a config somewhere that kept me from connecting. Thanks for the reply though.