Good security practice works on a combination of locking down all the holes as tightly as possible and letting as little information about the network out as possible. Additionally some legal systems require that explicit warnings are put up letting the casual connecting host know that unauthorised access is not permitted. To provide these features Proftpd supplies a number of directives which control the message presented to the user.
Setting SeverIdent to "off" should turn off the information about what type of server is running. To have maximum effect this directive should either be in the Global context or included in every virtual host block and the default block.
ServerIdent on "Linux.co.uk server" ServerIdent off ServerIdent on ""
Use the DisplayConnect directive to specify a file containing a message to be displayed prior to login.
DisplayConnect /ftp/ftp.virtualhost/login.msg
Use the DisplayLogin directive, this sends a specified ASCII file to the connected user.
DisplayLogin /etc/proftp.msg
Use the AccessGrantMsg directive, this sends a simple single line message back to the user after a successful authentication. Magic cookies appear to be honoured in this directive.
AccessGrantMsg "Guest access granted for %u."
Note, this directive has an overriding default and needs to be specified in both VirtualHost and Anonymous blocks.
| Prev | Zmey`s Home | Themes Wordpress | Home | Next |
| Firewall issues | Up | How can I control what commands the server accepts? |