Hello all.
I'm running vsFTP at home and I would like some (security) advice about my configuration.
It runs as an anonymous server and all logins are chrooted to a specific folder on a separated HD.
1.Is only anonymous better than local/virtual logins?
The idea of having only an anonymous server is because of the "big red button". The "big red button" saying "DO NOT PUSH" and every one pushes it.
There is no challenge to hack the server, no password, no nothing, just some files there... get the idea?
I want to upload so I have a hidden folder (hide_file={whatever}) wich only I know.
2. Is this a good thing? I mean is it possible to get all the folders even those who are not visible?
The firewall was configured with one of those iptables generator with permission for FTP server and passive ports.
3. If someone has nothing to do and decides "I'm gonna hack some ftp server today" and tries hack my machine. Something like flooding it or some other thing. How can I ban some IP for 1 or 2 hours if I get more than 20 connection attempts from that same address?
What do you have to say about my server?
Thanks,
Hyakutake
PS: It's the first time I get into mounting a server so please be kind to me