From Aung Win Thu on Tue, 06 Jun 2000
Dear Dennis
I have installed Linux Redhat 6.0 on my intel machine. I want to disable anonymous login to my ftp site. how can i do it? Thaks for your help.
Aung
Traditional FTP daemons used the existence of an account named "ftp" (an ftp:... entry in the /etc/passwd file) as a flag to enabled anonymous FTP.
If you're using a plain old BSD port of ftpd you could just remove that user. There are various other FTP daemons such as WU-ftpd (originally from Washington University in St Louis, wustl.edu), NCFTPd (by Mike Gleason, author of the ncftp client) and ProFTPd (https://www.proftpd.net). Each of those supports some way of enabling anonymous FTP --- so all you have to do is reverse those steps to "disable" it.
I also recommend that you use TCP wrappers (edit your /etc/hosts.allow and /etc/hosts.deny files) to limit whence FTP connections are accepted. In other words, start with ALL: ALL in your /etc/hosts.deny and add the networks and IP address patterns (and/or domain name patterns) from which you will allow you users to access your site.
Personally I'd like to see FTP fade away in favor of SSH or more secure protocols. (Although it may be more of a race between the secure protocols at the applications level and the transparently secure protocols in IPSec FreeS/WAN).
1
2
3
4
5
6
7
8
9
10
11
12
13
14 15 16 17 18 19 20 21 22 |