|
[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]
This falls into the DUH! catagory, but I just realized that FTP access
was wide open on my system. Well, since I have it I decided to secure it
instead of killing it. Only allowing my personal account to have access.
I have two questions though...
First, can I change the process owner in /etc/inetd.conf or would that
break ftp?
Second, I'm including my /etc/ftpaccess file. Is there anything else I
should/can do or shouldn't be doing?
I know that I can just remove the anonftp package but I want to secure
it in case I make a mistake and add it later during an upgrade.
Thanks.
/etc/ftpaccess
class all real,guest,anonymous *
defaultserver private
defaultserver deny *
defaultserver allow martindiviaio
virtual * private
guestserver
email root@localhost
loginfails 5
limit-time anonymous 1
limit-time guest 1
banner /home/ftp/.message
greeting terse
readme README* login
readme README* cwd=*
message /welcome.msg login
message .message cwd=*
compress yes all
tar yes all
chmod no all
delete no all
overwrite no all
rename no all
umask no all
log syslog+xferlog
log security anonymous,guest,real
log transfers anonymous,guest,real inbound,outbound
shutdown /etc/shutmsg
passwd-check rfc822 enforce
anonymous-root /home/ftp/pub
guest-root /home/ftp/pub
dns refuse_mismatch /home/ftp/.dns_failure_msg
dns refuse_noreverse /home/ftp/.dns_failure_msg
______________________________________________________________________
Philadelphia Linux Users Group - http://plug.nothinbut.net
Announcements - http://lists.nothinbut.net/mail/listinfo/plug-announce
General Discussion - http://lists.nothinbut.net/mail/listinfo/plug
|
|