Title: Anonymous Ftp Configuration Guidelines
Authors: Carnegie Mellon University
Abstract:
- Anonymous FTP can be a valuable service if correctly configured and
administered. The first section of this document provides general
guidance in initial configuration of an anonymous FTP area. The
second section addresses the issues and challenges involved when a
site wants to provide writable directories within their anonymous FTP
areas. The third section provides information about previous CERT
advisories related to FTP services. This paper are a set of suggested
recommendations that have been beneficial to many sites. CERT
recognizes that there will be sites that have unique requirements and
needs, and that these sites may choose to implement different
configurations.
Title: CERT Coordination Center Generic Security Information
Authors: CERT Coordination Center
Abstract:
- The information in this document can be used to prevent several types
of break-ins. We encourage system administrators to review all
sections of this document and modify their systems accordingly to
close these potential vulnerabilities.
Title: How to set up a Secure Anonymous FTP Site
Authors: Christopher William Klaus
Abstract:
- The following is a FAQ on setting up a secure FTP Site. FTP sites
are known for much abuse by transferring illegal files. They also open many
oppurtunities for intruders to gain access via misconfigured setups. And
lastly many versions of ftp servers have had security holes. This FAQ is
intended to clean up this abuse by allowing administrators to go through this
check list of steps to make sure their FTP is correctly configured and that
they are running the most current ftp daemon.
|