Topic: http file access (Read 6295 times)

dalbert · « **on:** October 05, 2008, 05:26:19 AM »

Is there a way to access shared volume(s) via http?

Is there a way to suppress http access to important files
that might pose a security risk: e.g. stuff in /etc like:
/etc/passwd
/etc/shadow
/etc/ez-ipupdate.conf
/etc/fstab
/etc/mtab
/etc/inittab
/etc/hosts
/etc/protocols
/etc/services

fordem · « **Reply #1 on:** October 05, 2008, 10:38:06 AM »

I could be wrong on this ....

a) I believe if you downgrade to 1.04 those files will no longer be accessible
2) I believe http file access will be available in a future firmware release - there is an undocumented web page - http://<ip-address-of-DNS>/web/wfs_login.asp.

The way I heard it, preliminary code for the http file access was left in the 1.05 release leading to the insecurities that have upset many persons.

D-Link Multimedia · « **Reply #2 on:** October 06, 2008, 09:33:47 AM »

Yes a preliminary HTTP file server was left in 1.05 however this was only on the DNS-323 and did not affect the DNS-321.

We are still looking into it.

fordem · « **Reply #3 on:** October 06, 2008, 12:16:35 PM »

Quote from: D-Link Multimedia on October 06, 2008, 09:33:47 AM

Yes a preliminary HTTP file server was left in 1.05 however this was only on the DNS-323 and did not affect the DNS-321.

We are still looking into it.

Oops - forgot which forum I was in ....

D-Link Forums

News:

Author Topic: http file access (Read 6295 times)

dalbert

http file access

fordem

Re: http file access

D-Link Multimedia

Re: http file access

fordem

Re: http file access