FTP Security issue
Kong Kian Chay


December 18, 2000 04:17 AM GMT

Our system (HP-UX 10.20 & 11.00) allows our users to FTP & TELNET from their home to access the resources.

However, I was told by a friend that allowing FTP is a big security lax - that via FTP, users can actually flood the system with messages & get to the root a/c.

Would like to check how this is done & how to prevent it.

Kofi ARTHIABAH expert in this area 

This user has accumulated 2500 or more points 
December 18, 2000 04:37 AM GMT   [ 8 pts ]

Kong:
If you are allowing your users out-going ftp access, then there is nothing much to worry about; however, if you are allowing them ftp access into your network/server, you have to take some precautions.

Allowing unrestricted access to any service on your server is a potential security risk. I would recommend that if you do not already have one:

1. set up your servers behind a firewall
2. consider using some form of VPN technology to allow your users to connect from home
3. get the latest security patches for all services that you are offering (and keep a close eye on bug reports as they come out)
4. visit the excellent security-related sites http://www.securityfocus.com and http://www.sans.org for more information on exploits.

To answer your questions more specifically, there are vulnerable versions of ftp out there that can give a user root access/root shell via a buffer overflow. These kinds of attacks are generally prevented by getting the latest versions of your ftp daemon.

good luck
Dan Hetzel

This user has accumulated 1000 or more points 
December 18, 2000 09:47 AM GMT   [ 4 pts ]

Hi,

Kofi is right! FTP could be a major security issue if you leave it unrestricted.

Make sure that you have applied the latest ftp patch (PHNE_21936 for 11.0, PHNE_22057 for 10.20).

Best regards,

Dan
suhas


December 18, 2000 15:14 PM GMT   [ 5 pts ]

Kong,
Frankly speaking, FTP is a very nice service, but it is very dangerous too! So my advice to you will be:
Allow the guys to do telnet "in"to your system and then ask them to ftp "out" to their requisite place. It will be better if you can disable the ftp service.

But if you really want to continue with ftp, I would like to suggest something. First you create an account with /bin/false as its shell. Give that account rights to only a particular area on your system. Keep the account password protected (increased security). Disable ftp access for everybody else by adding their names to the /etc/ftpusers file. Keep only one entry in the /etc/shells file, /bin/false (increased security).
Hope this helps....
Suhas :-)....
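
The setup described in the last reply can be checked with a short audit script. This is an added example, not code from the thread: it assumes ftpd refuses any login name listed in /etc/ftpusers and any account whose shell is not listed in /etc/shells, and the file names, account names and sample entries are constructed.

```shell
#!/bin/sh
# Added example (not from the thread). Lists accounts that pass the two
# file-based checks: name absent from ftpusers, shell present in shells.
# Password state (locked, empty) is not examined.

# ftp_allowed_users PASSWD FTPUSERS SHELLS -> one login name per line
ftp_allowed_users() {
    awk -F: -v deny="$2" -v shells="$3" '
        BEGIN {
            # Load both lists, skipping comments and blank lines.
            while ((getline line < deny) > 0) {
                sub(/#.*/, "", line); gsub(/[ \t]/, "", line)
                if (line != "") denied[line] = 1
            }
            while ((getline line < shells) > 0) {
                sub(/#.*/, "", line); gsub(/[ \t]/, "", line)
                if (line != "") valid[line] = 1
            }
        }
        /^#/ || NF < 7 { next }
        {
            sh = ($7 == "") ? "/bin/sh" : $7   # assumption: empty field means /bin/sh
            if (!($1 in denied) && (sh in valid)) print $1
        }
    ' "$1"
}

# make_sample DIR: write constructed sample files (not real system data)
make_sample() {
    printf '%s\n' 'root:*:0:3::/:/sbin/sh' \
        'alice:*:101:20::/home/alice:/usr/bin/ksh' \
        'bob:*:102:20::/home/bob:/usr/bin/sh' \
        'ftponly:*:200:20::/home/ftponly:/bin/false' > "$1/passwd"
    # Before: only root denied, usual login shells listed
    printf '%s\n' root > "$1/ftpusers.before"
    printf '%s\n' /sbin/sh /usr/bin/sh /usr/bin/ksh > "$1/shells.before"
    # After: everyone but ftponly denied, /bin/false the only listed shell
    printf '%s\n' '# deny all but ftponly' root alice bob > "$1/ftpusers.after"
    printf '%s\n' /bin/false > "$1/shells.after"
}

d=$(mktemp -d) && make_sample "$d"
echo "before: $(ftp_allowed_users "$d/passwd" "$d/ftpusers.before" "$d/shells.before" | tr '\n' ' ')"
echo "after:  $(ftp_allowed_users "$d/passwd" "$d/ftpusers.after" "$d/shells.after" | tr '\n' ' ')"
rm -rf "$d"
```

On a live system, pass /etc/passwd, /etc/ftpusers and /etc/shells as the three arguments; any name printed other than the intended FTP-only account still passes both checks.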
© 1994-2000 Hewlett-Packard Company