Re: Watch out! vsftpd anonymous access always enabled!

To: debian-security@lists.debian.org
Subject: Re: Watch out! vsftpd anonymous access always enabled!
From: Robert Brockway <robert@timetraveller.org>
Date: Sun, 21 Sep 2003 11:44:29 -0400 (EDT)
Message-id: <[🔎] Pine.LNX.4.58.0309211135270.24998@zen.canint.timetraveller.org>
In-reply-to: <[🔎] 20030920104721.GA12314@wiretrip.org>
References: <[🔎] 20030920104721.GA12314@wiretrip.org>

On Sat, 20 Sep 2003, Robert van der Meulen wrote:

> If anyone here is running vsftpd on a non-anonymous box, I'd make sure to
> check this too. In the case of this customer (who has pretty sensitive data
> on his box), this could have been quite a disaster.

If he really cares about the data (and let's face it, everyone cares about
their data :) then I'd recommend dispensing with ftp entirely and using
scp or sftp (ssh v2) if the client needs to shift data to or from the box.
Configure this for RSA/DSA access only (no password access) and possibly
lock it down with a firewall as well (after recent events).  You can even
go one step further and have the sensitive data seperated from the
upload/download box (there are various ways to aproach this).

Cheers,
	Rob

-- 
Robert Brockway B.Sc. email: robert@timetraveller.org, zzbrock@uqconnect.net
Linux counter project ID #16440 (http://counter.li.org)
"The earth is but one country and mankind its citizens" -Baha'u'llah

Reply to:

Follow-Ups:
- Re: Watch out! vsftpd anonymous access always enabled!
  - From: Robert van der Meulen <rvdm@wiretrip.org>

References:
- Watch out! vsftpd anonymous access always enabled!
  - From: Robert van der Meulen <rvdm@debian.org>

Prev by Date: Re: OpenSSH in Woody
Next by Date: Fw: coIIege naive girIs ready for H/\RD /\CTlON zmq oaj I i uV YqQ GBAIV
Previous by thread: Watch out! vsftpd anonymous access always enabled!
Next by thread: Re: Watch out! vsftpd anonymous access always enabled!
Index(es):
- Date
- Thread