Config dedicated FTP server

Michael Yu_1 · ‎02-19-2003

I would like to setup an dedicated ftp server on HPUX 11.0 server. Somebody can help me with some info about this? I don't know where to begin. How should I set up an account? What do I need to config in this server? We also plan to place this server in DMZ so that people from outside of company can access to this.

Thanks.

Dave La Mar · ‎02-19-2003

Michael -

Here is what I started with. At the time I was looking to restrict a given user. -

I used the following to set up a particular user as well as
DOC NR0801KBRC00007714

http://support2.itrc.hp.com/service/cki/search.do?searchString=A5651654&mode=id&submit=Search&searchCrit=allwords&docType=Security&docType=Patch&docType=EngineerNotes&docType=BugReports&docType=Hardware&docType=ReferenceMaterials&docType=ThirdParty

I think you will find what you need here as well.

Best of luck.

dl

"I'm not dumb. I just have a command of thoroughly useless information."

Steven E. Protter · ‎02-19-2003

Dedicated FTP server right.

First step is to inventory all network services you will not need.

You must remove BIND, its a potential dential service tool.

NFS. Gone, get it off.

Berkeley protocols' rsh and all, have to go.

Telnet has to go. It must go because it transmits passwords back and forth clear text and that is just what a hacker would like to get his or her slimey hands on.

To replace telnet, put secure shell on the box. https://payment.ecommerce.hp.com/cgi-bin/swdepot_parser.cgi/cgi/try.pl?productNumber=T1471AA&date=

I've attached a document to let you generate public keys so you can administer this server via ssh more easily.

Have I missed something, yes.

Try out the free Bastille security hardening tool. Here is a link.

http://www.software.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProducts.pl?group_type=search&group_name=Bastille&search_free=1&search_trial=1&search_buy=1

You still want to stay current on security patches. Here is a link for security_patch_check

http://www.software.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProducts.pl?group_type=search&group_name=security+patch+check&search_free=1&search_trial=1&search_buy=1

Now you have a good start.

Good luck.

SEP

Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com

rick jones · ‎02-20-2003

the suggestion to get bastille is a good one. as for FTP-specific tunes, well, you might glean something useful from the "ftp" or "sw download" server writeups at:

ftp://ftp.cup.hp.com/dist/networking/briefs/

probably good to grab the latest ftp patches from the itrc or the latest ftp bits from software.hp.com

there is no rest for the wicked yet the virtuous have no pillows

Categories

Company

Local Language

Forums

Discussions

Forums

Discussions

Forums

Discussions

Forums

Discussions

Forums

Discussions

Discussions

Forums

Forums

Discussions

Forums

Discussions

Forums

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Community

Resources

Other HPE Sites

Discussions

Forums

Blogs

Config dedicated FTP server

Config dedicated FTP server

Re: Config dedicated FTP server

Re: Config dedicated FTP server

Re: Config dedicated FTP server