HPE Community
Operating System - HP-UX
1827293 Members
1400 Online
109717 Solutions
New Discussion

ftp version

 
SOLVED
Go to solution
Peter Gillis
Super Advisor

‎07-28-2003 05:18 PM

‎07-28-2003 05:18 PM

ftp version

HI,
hpux 11.00.
Where do I find the latest verion of ftp server software? i have been advised to upgrade to the lastest version.
thanks,
Maria.
0 Kudos
8 REPLIES 8
Con O'Kelly
Honored Contributor

‎07-28-2003 05:35 PM

‎07-28-2003 05:35 PM

Solution

Re: ftp version

Hi Maraia

Presumably this is as a result of a security audit??

I know this doesn't exactly answer the question but my advice would be to look closely at the patching for ftp so that you are up to date. Also look closely at implementing ftpaccess file & using /var/adm/inetd.sec.

As regards the latest version of HP's default ftp daemon (which for 11.x is based closely on wu-ftpd). You can download the latest version of wu-ftp at:
http://www.software.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=WUFTPD26

Other ftpd daemons for HP-UX are availble at:
http://hpux.connect.org.uk/

Cheers
Con
Patrick Wallek
Honored Contributor

‎07-28-2003 05:37 PM

‎07-28-2003 05:37 PM

Re: ftp version

You probably just need the latest FTP patch.

PHNE_23949
http://www1.itrc.hp.com/service/cki/patchDocDisplay.do?patchId=PHNE_23949
Rajeev Shukla
Honored Contributor

‎07-28-2003 05:40 PM

‎07-28-2003 05:40 PM

Re: ftp version

Hi Maria,

you can find the version of ftpd by doing
#what /usr/lbin/ftpd

and if you need other secure ftp softwares like wftp or openssh or gnu ftp you can find from here
http://hpux.connect.org.uk/

or you need a patch for ftp get it from itrc site.

Rajeev
Michael Tully
Honored Contributor

‎07-28-2003 05:47 PM

‎07-28-2003 05:47 PM

Re: ftp version

Hi Maria,

If you trying to use some form of secure ftp, you should perhaps look at the openssh offering, which uses 'sftp' on port 22. See this link for the free software depot from HP. This will also then enable you to block off port 21 and also getting rid of telnet port 23, as you can connect using ssh instead of telnet. (two for the price of one, actually none ;^))

http://www.software.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=T1471AA

If your just wishing to get the latest patches follow the links provided by Patrick.

Cheers
Michael
Anyone for a Mutiny ?
Tim Adamson_1
Honored Contributor

‎07-28-2003 05:50 PM

‎07-28-2003 05:50 PM

Re: ftp version

Hi Maria,

If you need the latest version of the ftpd, then install patch PHNE_23949. It does not have any dependencies and does not require a reboot.

You can probably get some 3rd party ftp products from elsewhere on the web - sorry I don't have any URLs.


Cheers!
Yesterday is history, tomorrow is a mystery, today is a gift. That's why it's called the present.
Peter Gillis
Super Advisor

‎07-28-2003 07:18 PM

‎07-28-2003 07:18 PM

Re: ftp version

Hi thanks for the replies. You are right...audited! Have checked the patch level and we do have PHNE_23949. I issued the what command and i got the current version, but there was also a fair bit of other stuff...
$Id: ftpd.c,v 1.22 1996/04/15 05:51:04 sob Exp sob $ based on ftpd.c 5.
40 (Berkeley) 7/2/91
Copyright (c) 1985, 1988, 1990 Regents of the University of California.
$Id: ftpcmd.y,v 1.8 1996/03/15 06:26:20 sob Exp $ based on ftpcmd.y 5
.24 (Berkeley) 2/25/91
Revision 1.1.214.8 Fri Apr 20 07:27:42 GMT 2001
$Id: glob.c,v 1.6 1996/03/16 04:00:06 sob Exp $ from glob.c 5.9 (Berkele
y) 2/25/91
popen.c 5.9 (Berkeley) 2/25/91
$Id: logwtmp.c,v 1.7 1995/10/15 06:35:17 sob Exp $
logwtmp.c 5.7 (Berkeley) 2/25/91
$Id: access.c,v 1.8 1996/03/15 07:29:08 sob Exp $
$Id: extensions.c,v 1.16 1996/03/15 06:26:20 sob Exp $
$Id: realpath.c,v 1.7 1996/03/15 08:15:56 sob Exp $
$Id: private.c,v 1.6 1995/12/11 09:20:19 sob Exp $

What is this telling me?

maria.
0 Kudos
Steven E. Protter
Exalted Contributor

‎07-28-2003 08:23 PM

‎07-28-2003 08:23 PM

Re: ftp version

A note for the wise.

The lastest version of wu-ftpd does not have correct user block functionality. For that you will have to open a case with HP and get binaries.

What I mean is:

/etc/ftpusers

contains users that can not use ftp.

root should be in this file because giving root ftp is a huge security risk.

Without updated binaries you will add root user to that file and the ftp server will IGNORE the directive and let root ftp right on in.

SEP
Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
Con O'Kelly
Honored Contributor

‎07-28-2003 08:48 PM

‎07-28-2003 08:48 PM

Re: ftp version

Hi Maria

I'm not aware of a command for ftpd that can give you a definitive answer on the version you are running (such as you get say with apache: httpd -v). The 'what' command is giving you some version info but doesn't appear to show any version updates as a result of the patches etc. You should see something about wu-ftpd2.4 as this is what PHNE_23949 delivers.

From what I understand HP-UX 11.x was delivered with a an older ftpd and PHNE_23949 updated it to wu-ftpd2.4. The latest version is now 2.6.1. HP-UX 11i comes with wu-ftpd as the default.

From what you said, management probably wants confirmation they are running the latest ftpd as a security precaution?

I'd ensure you have installed the latest ftp patches and are using the files such as:
/etc/ftpd/ftpaccess
/etc/ftpd/ftpusers
/var/adm/inetd.sec

You can significantly restrict access to ftp through using these files and perhaps make the auditors happy!! In terms of the auditors that is probably the best you can do and assure them the latest patches have been applied.

You could also investigate installing & testing the latest version of wu-ftpd (link is in my previous post). I'd note what SEP has said has said about ftpusers file.

Cheers
Con
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.