Welcome to Linux Knowledge Base and Tutorial
"The place where you learn linux"

 Create an AccountHome | Submit News | Your Account  

Tutorial Menu
Linux Tutorial Home
Table of Contents
Up to --> Security

· What You Can Do About It
· Trusted Hosts
· FTP
· NFS
· Modem Security
· Backups
· The Official Word
· Changing Attitudes
· System Security
· Security and the Law

Glossary
MoreInfo
Man Pages
Linux Topics
Test Your Knowledge

Site Menu
Site Map
FAQ
Copyright Info
Terms of Use
Privacy Info
Disclaimer
WorkBoard
Thanks
Donations
Advertising
Masthead / Impressum
Your Account

Communication
Feedback
Forums
Private Messages
Recommend Us
Surveys

Features
HOWTOs
News
News Archive
Submit News
Topics
User Articles
Web Links

Google
Google


The Web
linux-tutorial.info

Who's Online
There are currently, 187 guest(s) and 5 member(s) that are online.

You are an Anonymous user. You can register for free by clicking here

  
Linux Tutorial - Security - What You Can Do About It - FTP
  Trusted Hosts ---- NFS  


FTP

Anonymous FTP should not be made available on every host on the network. Choose one machine (preferably a server or standalone host) that is protected from your internal network. This can be the same machine as mail or WWW server. This makes monitoring for security violations much easier. In the section on configuring a Internet server, we go into details about securing your ftp server. Here, I'll just cover some basic issues.

Incoming transfers to this server should be in a separate directory (i.e. incoming). This is the only directory where the user ftp can write. However, they cannot read this directory. This is to keep your site from becoming a repository for pornography, pirated software and other nasty stuff. Check often the contents of the directories into which ftp is allowed to write. Any suspicious files you find should be deleted.

Although the ftp directory should not be writable by the ftp user, you should still check for "hidden" directories or files. Review what is being abused to take appropriate action, based on what your security policy says. If you can determine where the stuff is coming from, notify both CERT(Computer Emergency Response Team) and/or that site. If you can't find a phone number for that site, do not send the system administrator email. If the other site is compromised, the intruder may check through the email files.

 Previous Page
Trusted Hosts
  Back to Top
Table of Contents
Next Page 
NFS


MoreInfo

Test Your Knowledge

User Comments:


You can only add comments if you are logged in.

Copyright 2002-2009 by James Mohr. Licensed under modified GNU Free Documentation License (Portions of this material originally published by Prentice Hall, Pearson Education, Inc). See here for details. All rights reserved.
  
Show your Support for the Linux Tutorial

Purchase one of the products from our new online shop. For each product you purchase, the Linux Tutorial gets a portion of the proceeds to help keep us going.


Login
Nickname

Password

Security Code
Security Code
Type Security Code


Don't have an account yet? You can create one. As a registered user you have some advantages like theme manager, comments configuration and post comments with your name.

Help if you can!


Amazon Wish List

Did You Know?
The Linux Tutorial can use your help.


Friends



Tell a Friend About Us

Bookmark and Share



Web site powered by PHP-Nuke

Is this information useful? At the very least you can help by spreading the word to your favorite newsgroups, mailing lists and forums.
All logos and trademarks in this site are property of their respective owner. The comments are property of their posters. Articles are the property of their respective owners. Unless otherwise stated in the body of the article, article content (C) 1994-2013 by James Mohr. All rights reserved. The stylized page/paper, as well as the terms "The Linux Tutorial", "The Linux Server Tutorial", "The Linux Knowledge Base and Tutorial" and "The place where you learn Linux" are service marks of James Mohr. All rights reserved.
The Linux Knowledge Base and Tutorial may contain links to sites on the Internet, which are owned and operated by third parties. The Linux Tutorial is not responsible for the content of any such third-party site. By viewing/utilizing this web site, you have agreed to our disclaimer, terms of use and privacy policy. Use of automated download software ("harvesters") such as wget, httrack, etc. causes the site to quickly exceed its bandwidth limitation and are therefore expressly prohibited. For more details on this, take a look here

PHP-Nuke Copyright © 2004 by Francisco Burzi. This is free software, and you may redistribute it under the GPL. PHP-Nuke comes with absolutely no warranty, for details, see the license.
Page Generation: 0.06 Seconds