D&C Lug - Home Page
Devon & Cornwall Linux Users' Group

[ Date Index ][ Thread Index ]
[ <= Previous by date / thread ] [ Next by date / thread => ]

Re: [LUG] secure ftp?



Steve Marvell wrote:

Unfortunately one of my servers has been hacked into!!
twice by the same person!

You need a firewall, you do.

Yes - and I'll sell you one with an FTP proxy service ;)

The FTP server shipped with Redhat 7 was wide open, and
generally overrun with viruses which exploited the default out
of the box settings automatically. Patch/upgrade etc...

I think the lpd daemon, and another daemon were also implicated
somehow...

So switch off unneeded services, "vi /etc/inetd.conf" and
comment out the rubbish is the single biggest security
improvement you can make to most Unix boxes in 2 minutes. Do get
inetd to restart, and get rid of xinetd.

Do you really need FTP? People can get files using HTTP easy
enough, and send you them by email (Knuth suggests dropping the
"-" in email), Apache has a better security record than almost
any ftp package.

--
The Mailing List for the Devon & Cornwall LUG
Mail majordomo@xxxxxxxxxxxx with "unsubscribe list" in the
message body to unsubscribe.


Lynx friendly