
FTP servers are a common way of sharing files between individuals with or without authentication. FTP is superior to HTTP (web) if the goal is to transfer files, not display information. Since HTTP can also be used to transfer files, FTP has become slightly more old-fashioned.

Security for an FTP server is relatively straightforward and the same principles apply for all platforms:

You should not allow the root directory (/) or entire disks to be shared (unless the entire disk is a single partition containing only shared information).

If you need to allow anonymous access, allow only anonymous downloads. You must make sure that unauthenticated users cannot put files into any directories on the FTP server, otherwise your server will be abused.

If you must allow anonymous uploads, follow the special directions for creating an anonymous upload area. An anonymous upload area will not permit anonymous downloads from the same directory, which prevents the site from being abused. This is the least desirable configuration and should be avoided.

For Unix and Linux systems, you should monitor your ftp area for signs of abuse. We have provided a script to help do that below, and you can also use Baseline to watch over your ftp area.

We have provided directions for configuring both generic UNIX or Linux FTP servers and Microsoft’s Internet Information Server (IIS) below.

Section I: Disabling anonymous ftp access altogether

Anonymous ftp activity in Unix and Linux is enabled by adding the user “ftp” to the password file (locally or in the NIS password file). Disabling anonymous ftp access altogether is as simple as removing this entry.
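The two checks described on this page (whether the “ftp” entry exists in the password file, and whether unauthenticated users can put files into any directory of the ftp area) can be audited as follows. This is an added example, not the script the original page refers to; the function names and the sample password entry are constructed for illustration, and the permission check assumes no ACLs or supplementary groups.

```python
import os

# Constructed sample in passwd(5) format; the uid, gid and home are illustrative.
SAMPLE_PASSWD = (
    "root:x:0:0:root:/root:/bin/sh\n"
    "ftp:x:14:50:Anonymous FTP:/var/ftp:/sbin/nologin\n"
)

def anonymous_ftp_entry(passwd_text):
    """Return uid, gid and home of the 'ftp' account, or None if it is absent."""
    for line in passwd_text.splitlines():
        fields = line.split(":")
        if len(fields) == 7 and fields[0] == "ftp":
            return {"uid": int(fields[2]), "gid": int(fields[3]), "home": fields[5]}
    return None

def effective_bits(st, uid, gid):
    """rwx bits that apply to uid/gid (owner, then group, then other).
    Assumption: no ACLs and no supplementary groups."""
    if st.st_uid == uid:
        return (st.st_mode >> 6) & 7
    if st.st_gid == gid:
        return (st.st_mode >> 3) & 7
    return st.st_mode & 7

def audit_ftp_area(root, uid, gid):
    """Return sorted (relative_dir, finding) pairs for every directory under
    root that the given account can write to."""
    findings = []
    for dirpath, _dirs, _files in os.walk(root):
        bits = effective_bits(os.lstat(dirpath), uid, gid)
        if not bits & 2:  # no write bit: the account cannot upload here
            continue
        # Write plus read: uploaded files can be listed by the same account.
        kind = "writable+listable" if bits & 4 else "writable-only"
        findings.append((os.path.relpath(dirpath, root), kind))
    return sorted(findings)

if __name__ == "__main__":
    entry = anonymous_ftp_entry(SAMPLE_PASSWD)
    if entry is None:
        print("no 'ftp' account: anonymous ftp is disabled")
    elif os.path.isdir(entry["home"]):
        for path, kind in audit_ftp_area(entry["home"], entry["uid"], entry["gid"]):
            print(f"{kind:18} {path}")
```

On a download-only server the audit should return nothing; a deliberate upload area should appear only as `writable-only`.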
