Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations Chris Miller on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

nix security -- FTP service????

Status
Not open for further replies.
skyhighhk

skyhighhk

Technical User
Sep 26, 2005
6
HK
Hello actually im new to unix admin,

I would like to ask for you suggestions or comments see if you can help. Since system auditing is under progress and the AIX is the main investigated unit. They are asking to disable the FTP service to enhance the security but I doubt. For daily use, the FTP will help administrator
to download logs--daily performance log (the nmon I talked to u before), download and upload scripts, and also upload the unix programs. I am not experted in unix but based on your experience, do you think if there's any other better ways to perform the above tasks. If possible pls advice
any article or comments about this issue....I don't think too harsh is the best...Thanks very much!
 
Sort by date Sort by votes
There are a ton of different and more secure ways to transfer files. I would recommend you look into addind the SSH suite to your servers. This will allow you to disable ftp and telnet and get rid of plain text password transmittal. I'm sure you will get a ton of other input.


Jim Hirschauer
 
Upvote 0 Downvote
In the time you can use ftp.allow. I'm moving to SSH as well.
 
Upvote 0 Downvote
Thanks for your replies.

I've two questions
1)how to enable the ssh
2)even I enable ssh, the IT auditor can still challenge me why do I need to open this service, what if my userid get hacked?
3)currenly I use /etc/ftpusers to disable all other id to access ftp except me, they want me to totally disable the ftp service, but the question is, can I do the daily tasks without this? Use ssh? But still can challenge me...
 
Upvote 0 Downvote
1. There are commercial products such as at ssh.com or you can go the free route and install OpenSSH.

2. For a system to be useful at all you must accept some risk. SSH is far, far more secure than ftp and telnet. If you want a really secure machine just shut the thing down and disconnect it from the network. That should make the auditor happy.

3. ssh (sftp is the ssh equivalent of ftp) is more flexible than ftp is. Anything you did with ftp you can do with ssh and more.


Jim Hirschauer
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

ui05067
  • Locked
  • Question
Runnign AIX ftpd someone is att
Replies
4
Views
258
iggsterman
iggsterman
tektipsaix
  • Locked
  • Question
550 Arguments too long with FTP Download
Replies
6
Views
236
iggsterman
iggsterman
generaal
  • Locked
  • Question
Samba security
Replies
0
Views
125
generaal
generaal
ui05067
  • Locked
  • Question
ftp creation of a new file - permissions of group
Replies
1
Views
118
mrn
mrn
oracle2012
  • Locked
  • Question
FTP - no login prompt on AIX
Replies
1
Views
92
mrn
mrn

Part and Inventory Search

Sponsor

Back
Top