As an FTP server on the Internet, the security of the system is very important. This is the first issue considered by the FTP server. Its security mainly includes the following aspects:
1. Unauthorized users are prohibited from performing FTP operations on the server.
Second, FTP users cannot read files or directories that are not allowed by the system owner.
Third, without permission, FTP users cannot create files or directories on the server.
Fourth, FTP users cannot delete files or directories on the server.
The FTP server has taken some measures to verify the identity of the user to solve the above first problem, including the following measures:
The user account used by the FTP user must be in /etc/It is documented in the passwd file (except for anonymous FTP users), and his password cannot be empty. The server denied access if the user account and password were not entered correctly.
The FTP daemon FTPd also uses an /etc/FTPusers file. Any user who appears in this file will be denied access to the FTP service by the server. Server management can create "unwelcome" user directories that deny access to these users. The server can accept anonymous FTP connections only if there is a user named "FTP" in the /etc/passwd file on the server. Anonymous FTP users can use "anonymous" or "FTP" as their username, their own Internet. The email address is used as a secret word.
In order to solve the other three problems of the above security, you should manage the file attributes under the FTP home directory. It is recommended to take the following measures for each directory and its files:
FTP Master Directory: Set the owner of this directory to "FTP", and set the attribute to all users to be unwritable, preventing unscrupulous users from deleting files.
FTP/bin directory: This directory mainly stores some system files. The owner of this directory should be set to "root" (ie superuser), and the attribute is set to all users can not be written. To ensure that legitimate users can display files, the ls file attribute in the directory should be set to executable.
FTP/etc directory: Set the owner of this directory to "root" and set the attribute to all users to be unwritable. Set the properties of the group file and passwd file in the directory to the read-only attribute of all users, and use the editor to delete the password encrypted by the user in the passwd file. FTP/pub directory: Set the owner of this directory to "FTP" and set its properties to be readable, writable, and executable by all users. This setting ensures that the system files are not deleted and the normal access of FTP legitimate users is guaranteed.
One, Account (account) option. As shown below: Second description and application examples1,
Windows 2000 system provides FTP service function, because it is easy to use, and the Windows system
Win 2003 Standard Edition, Windows 2003 Enterprise Edition, Windows XP Professional, Windows 2000 Se
Before reading this article, there are a few points to note. 1, everyones full control of th
How to achieve security of FTP server
Ftp upload or browse Chinese garbled problem
Graphic internal network set up ftp server
Command line mode using FTP combat exercises
Building an FTP server with CesarFTP
Teach you how to view the contents of the FTP server of
Windows Server 2003 FTP Server Configuration Details
Vsftp virtual user configuration different permissions under Linux
Computer Tutorial: Serv-U Manager
Free ftp server ArGoSoft usage
Windows 8 will use built-in scanning technology to judge malicious programs [Figure]
Shutdown/Restart/Lock shortcuts to the Win8 Metro start screen
Can I play League of Legends with my computer for a video game?
Win10 system itunes can not connect mobile phone and tablet solution
Network Detection Techniques for Ping Commands
Linux Zsh command usage example