As with all services there is the risk that abuse can happen or that a crack attempt will be made on the hosting server. As a general rule crackers will attempt to break in through known holes in the various server daemons running.
The cautious and security conscious system admin should be aware of the two main avenues for abuse, external and internal. I will consider external attacks to be those made by individuals without valid accounts or "user" level access to the server. Internal I will consider as being those individuals with authenticated user access of some form to the server.
Server Security security holes weak passwords Abuse of server warez dumping ground
In general there is not much more to securing a ftp server than there is to any other public access server. However the twin socket design and thus the requirement to never quite give up root privileges completely leaves a window ajar for the competent cracker to climb through. Or occasionally a thumping great sign and open door for a script kiddie with some time to spare.
Proftpd provides for some additional security by it's use of chroot(), user and IP access limits, command and path filters to limit what and where files can be uploaded and it's attention to when root privs are needed and when they are not. However a buffer overflow in the wrong place and it's possible that the server is compromised beyond hope.
Simple steps which can be taken to tighten security include
Log to a separate machine
Traffic filtering upstream of the server
chroot() all sessions
Don't give a valid shell where it's not needed
Run an intrusion detection system
If possible place the OS itself on a bootable CDrom
Tripwire
Decent backups
| Prev | Zmey`s Home | Themes Wordpress | Home | Next |
| New features/modules | Up | Daemon security |