about wu-ftp server

leyearn · ‎08-11-2004

now my ftp Server is wu-ftp
but root can't ftp it
why?
in /etc/ftpaccess file

there are several entries:
deny-uid %-99 %65534-
deny-gid %-99 %65534-
allow-uid ftp
allow-gid ftp
what's the meaning of these entries

thanks in advance!

Stuart Browne · ‎08-11-2004

deny any UID or GID below 100, and above 65534, unless they have the speicific UID or GID 'ftp'.

i.e. deny root FTP access.

Allowing FTP root access is a good security hole which can be easily abused, especially on a public network.

One long-haired git at your service...

Steven E. Protter · ‎08-11-2004

There is a reason Linux ships with root access blocked.

It is the kids that try thosands of ftp root logins with common passwords hoping they can guess your password.

Once they get your root password they own your system. They can send spam, they can wipe it out, they can do anything.

ftp is inherently unsafe because its authentication goes across public networks in clear text.

That means if you enable root ftp and use it across the public Internet, anyone can get your root password. I've had the same thing happen with telnet which has the same authentication problem.

So, designate a user id don't give it root priviledge and use it as roots slave to do all of your ftp work.

SEP

Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com

Categories

Company

Local Language

Forums

Discussions

Forums

Discussions

Forums

Discussions

Forums

Discussions

Forums

Discussions

Discussions

Forums

Forums

Discussions

Forums

Discussions

Forums

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Community

Resources

Other HPE Sites

Discussions

Forums

Blogs

about wu-ftp server

about wu-ftp server

Re: about wu-ftp server

Re: about wu-ftp server