securing ftp

Crunch · 08-05-2003, 01:51 PM

Okay, I have an FTP up right now, and I want to make it so that when ever ou connect you cannot browse other directories but your own, would any one be able to provide me any tips on how to do so?

cyph3r7 · 08-05-2003, 02:12 PM

depending on what falvor you are running the configs are little different but all act the same sorta. Anyway without know which ftp util you are using all I can do is be generic and say that in the conf file for the ftp server should contain a stanza that disables anonymous and can set default root locations. In proftp it looks like this:

# To cause every FTP user to be "jailed" (chrooted) into their home
# directory, uncomment this line.
#DefaultRoot ~

Crunch · 08-05-2003, 02:23 PM

Do you know how i can find out what ftp type i am using? (i'm new with this security thing) and uh, where would the config file be found?

cyph3r7 · 08-05-2003, 02:53 PM

run a "ps ax | more" or "ps -ef | more" and look at the ftp process name. Once you have it type "which ftpd (or the process name)"

then run the command looking for the version such as

/usr/sbin/ftpd -v

markus1982 · 08-06-2003, 08:15 AM

and if you're running wu-ftpd do not call your ftp secure ...