I'm looking for a way to set up clients in a network and have used TFTP so far. Messing around with the server I was able to do a path traversal with something similar like GET asdf/../../../../windows/win.ini. For this and other security considerations I'd like to to switch to something more secure.
I was trying to enable TFTP on my Solaris 10. I started with un-commenting the tftp line in /etc/inetd.conf and inetconv -i /etc/inetd.conf for tftp installation. I did reboot the server afterwards, but i still cannot find the /tftpboot directory. though the return of svcs -a | grep -i tftp is online.
Do I have to create myself? or there is something still missing?
Partially solved. Added a "-c" to the command line args in tftpd.service. Also changed the permissions to the /srv/tftp folder to 777. I eventually want to get tftpd to start as a tftp user and have everything owned by the tftp user, but this will work for my setup for now.
I can not get TFTP to work properly on my system. I have set /etc/default/tftpd-hpa to /srv/tftp/ which I have set to permissions 777 like all the contents as well (and /srv/ too) however, whenever I do a get test I get a timeout, (and I'm connected on my localhost to 127.0.0.1). I don't think TFTP logs somewhere, does it? Any assistance on how to debug this would be greatly appreciated!