Home page logo

basics logo Security Basics mailing list archives

Re: FTP security question...
From: phani () myrealbox com
Date: Sat, 16 Nov 2002 12:39:58 +0530

On Sat, Nov 16, 2002 at 07:02:23AM +0000, phani () myrealbox com wrote:
On Wed, Nov 13, 2002 at 11:08:52AM -0600, Mike Cain wrote:
   Anon root is fine with a locked down root. But you should take care to check if there are any exploits on ur ftp 
server (wu-ftp ???). Check up if there are any exploits on the server and if any , lock em down

I just came to work at a new company, and I have been doing the standard
auditing and such to see where the company stands from a security point
of view. Nothing looks as if its been compromised in the past, which
should keep me from having to rebuild anything, but one thing I noticed
on my SSS scan of the outside interface on our proxy server, was that
Anonymous FTP is allowed. I know that's a no-no, but I looked closer,
and found that the FTP root was locked down. Meaning if I log in anon, I
cant mkdir, etc. What are the issues with that type of setup? Known
security risks? Thanks in advance. 


PS yes, I am searching google as we speak with little to no effect.. 


Mike C




  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]