Re: FTP security question...

[phani () myrealbox com]

On Sat, Nov 16, 2002 at 07:02:23AM +0000, phani () myrealbox com wrote:
> On Wed, Nov 13, 2002 at 11:08:52AM -0600, Mike Cain wrote:
> hi,
>    Anon root is fine with a locked down root. But you should take care to check if there are any exploits on ur ftp 
> server (wu-ftp ???). Check up if there are any exploits on the server and if any , lock em down
> cheers
> phani
>
>
> > I just came to work at a new company, and I have been doing the standard
> > auditing and such to see where the company stands from a security point
> > of view. Nothing looks as if its been compromised in the past, which
> > should keep me from having to rebuild anything, but one thing I noticed
> > on my SSS scan of the outside interface on our proxy server, was that
> > Anonymous FTP is allowed. I know that's a no-no, but I looked closer,
> > and found that the FTP root was locked down. Meaning if I log in anon, I
> > cant mkdir, etc. What are the issues with that type of setup? Known
> > security risks? Thanks in advance. 
> >
> >  
> >
> > PS yes, I am searching google as we speak with little to no effect.. 
> >
> >  
> >
> > Mike C
> >
> > CCNA/CCNP/MCSE
> >
> >  
> >
> >