11 replies to this topic

[ACD46]

I have VU+Solo2 and new install image Open Pli . After 5 days i have one problem with ftp connect to box.

 

500 OOPS: vsftpd: not found: directory given in 'secure_chroot_dir':/var/share/empty

 

Http connect is ok. Telnet connect is ok, but my password is incorrect.

 

Password is default /no password/.

 

 

Please help me.

Edited by ACD46, 31 October 2015 - 21:10.

[WanWizard]

That begs the question: what have you changed?

 

Because the default config doesn't contain "secure_chroot_dir", and in a default image, /var/share/empty does exist.

 

Or do you have opened up your box to the internet, with as a result that it is now hacked?

[ACD46]

That begs the question: what have you changed?

 

Because the default config doesn't contain "secure_chroot_dir", and in a default image, /var/share/empty does exist.

 

Or do you have opened up your box to the internet, with as a result that it is now hacked?

Firewall in my router is on. Don't open any port to my box.  My old image was ok. This problem is only with last image.

 

Sorry my english is not good.

Edited by ACD46, 31 October 2015 - 22:44.

[WanWizard]

I can't say anything more than I already did: the default config doesn't contain "secure_chroot_dir", and in a default image, /var/share/empty does exist.

 

And indeed, the default image has no password for telnet. So if your box has a password now and it didn't have one yesterday, then something has changed.

[ACD46]

I can't say anything more than I already did: the default config doesn't contain "secure_chroot_dir", and in a default image, /var/share/empty does exist.

 

And indeed, the default image has no password for telnet. So if your box has a password now and it didn't have one yesterday, then something has changed.

Thank you.  I'll make new installation image with hard password.

[zer0fx]

create directories : /var/share/empty

in /etc/vsftpd.conf, add this line at the end of the file :

secure_chroot_dir=/var/share/empty

and it will be ok

[Tom77]

Hi,

 

I have the same problem. Have Vu+ uno and Openpli. When try to connect ftp I see

 

500 OOPS: vsftpd: not found: directory given in 'secure_chroot_dir':/var/share/empty

 

 

That begs the question: what have you changed?

 

Because the default config doesn't contain "secure_chroot_dir", and in a default image, /var/share/empty does exist.

 

Or do you have opened up your box to the internet, with as a result that it is now hacked?

 

Connection was good few hours earlier, during this few hours I had one crash when there were 4 or 5 channels being recorded.

 

But I also did opened box to the internet. Could really somebody hack me? I was only trying to access my Openwebif to check if streaming will work, and check few times oscam webinterface. I have dynamic IP, changed it a few times. I didn't give anybody my IP address, only checked at few websites if my ports are opened or not. 

I am very afraid. What should I do now? I closed my connection and disconnected box but have no idea what should do now.

 

Help, please.

[Pr2]

Hi,

 

Never open your box to the Internet, I guess it's a good lesson learned. 

By a simple google search we can find the Internet accessible OpenWebif.

 

Close the ports you open on your router and reflash your box, and perform a good security scan/check/patching on all the device connected to your LAN.

 

Pr2

[Erik Slagter]

Especially ftp is not a good idea to make available from the internet. Use ssh+scp+sftp instead.

[Tom77]

I am aware that opening ports it is not safe theoretically, but I did not expect that anyone can find me during few hours of testing. My bad 

 

The other thing that I am a beginner on it, so I opened ports by DMZ function (modem -> router -> box). That means all box ports were open. I will never do it again.

 

So what now?

I am going to download the latest image and flash it by usb. Will it be good enoungh to make my box working properly and be sure that there is nothing unwanted on it?

 

 

Hi,

 

Never open your box to the Internet, I guess it's a good lesson learned. 

By a simple google search we can find the Internet accessible OpenWebif.

 

Close the ports you open on your router and reflash your box, and perform a good security scan/check/patching on all the device connected to your LAN.

 

Pr2

 

 

If we know that DMZ function was enabled and everything was connected directly to the box, is it possible that router or modem or pc was hacked?

 

There are only 3 devices connected to my lan. The box, pc that I am using and other pc. I had Avira free antivirus with firewall enabled on this computer, there are also firewalls enabled at modem and router. I scanned whole pc by Avira and find nothing. Is that mean that I can feel safe about this pc? Does anyone could connect to this pc and stole any data, is it possible?

 

There is another pc connected to my router by cable, but all this time it was powered off. Is there a possibility that it could be somehow hacked/infected?

 

I will be very grateful for the help.

[WanWizard]

Something that was powered off can't be hacked. For the others, if they were secured by a password, the chances of them being hacked in that sort period of time are low.

 

If you flash the box, the entire OS partition will be wiped and rewritten, and with that all possible code alterations will be gone.

 

Please note that flashing a box restores it to factory conditions, so you need to configure it again after it restarts...

[athoik]

... almost all alterarions, because there new ways of making permanent some things, like firmware in usb stick/hard drive etc...

Anyway this doesn't apply to us, those are other targets, usually government or big companies etc.