Anonymous FTP, How Secure?

Similar Messages

• Anonymous ftp

  I'm runing a solaris 8 on a ultra 5. I want to create an anonymous ftp server can some one tells me the steps on hot ot do it or if they have a web site where they show ho to to create one?

  several web sites can apply... btw, you should have posted this to the sysop area as you've said in your post you've got solaris 8...
  a quick search of google
  anonymous ftp solaris setup
  yielded...
  http://www.dbaoncall.net/references/ht_setup_ftp.html
  http://stone.backrush.com/sunfaq/lmh032.html
  You may also want to look at a hardened approach and check for how to setup a chroot environment on solaris (there was a post a week or two back with this question)
  hth

• Disable anonymous ftp in Solaris 10

  Hello,
  I am trying to disable anonymous ftp on a solaris 10 server, but am having great difficulty.
  I have tried adding the line 'guestserver' to /etc/ftpd/ftpaccess - this did not work.
  There is no ftp account present in /etc/passwd
  The inetd.conf entry for ftp is 'ftp stream tcp nowait root /usr/sbin/in.ftpd in.ftpd'
  I have even tried adding 'anonymous' to the /etc/ftpd/ftpusers file
  Anyone know how to shut anonymous ftp off, in a clean manner?

  The former. (the last field corresponds to argv[0], argv[1]...)
  Though I find it odd that if you don't have an anonymous account, you think that anonymous ftp is active. If you ftp the host, and use anonymous and a password, it lets you in? It seems that the normal behavior is that is says
  331 Guest login ok, send your complete e-mail address as password.
  REGARDLESS of whether anonymous ftp is active or not (it's just that you can't log in without an allowed password). One can argue whether or not this is a desired behavior....
  -r

• Setting Up Anonymous FTP

  I'm filling in for a sick colleague, so some things are already set and shouldn't be changed.
  FTP is already set for Home Directory Only. I need to add an ftp download point for anonymous users. For instance in ServerHD:WebSites:SiteA:Files, I want to provide guest access to the Files folder. The ftp root folder is inside the WebSites folder.
  When I Enable Anonymous Access, all other ftp sites are visible via ftp clients. Is this unavoidable?
  Secondly, how do I determine the ftp address of a file such as ServerHD:WebSites:SiteA:Files?
  Thanks in advance for any help or suggestions.

  When I Enable Anonymous Access, all other ftp sites
  are visible via ftp clients. Is this unavoidable?
  Anonymous ftp appears to be a disappointing shortcoming of OS X Server.
  I resolved the issue by going to http downloads in this scenario.

• Disabling anonymous ftp access

  We have just completed a 9iFS install. The previous version of iFS was 1.1.6. We were having problems with anonymous logins (people were dumping garbage in our public folder) and we disabled anonymous FTP by changing the guest password (we also changed it in the IFSDavServletParameters.properties file and modified the ftpserver.def file by setting AnonymousPoolSize = 0 and AllowAnonymousConnections = false. We would like to do the same with 9iFS but these files no longer exist or have been renamed. What are the equivalent files in 9iFS or how else can we go about disabling anonymous logins?
  N

  Hi Siva,
  Yes the SLD and UME is already configured.
  Regards,
  Anupama

• Anonymous ftp does not list directory - Solaris 9

  I've got 2 Solaris 9 systems set up for anonymous ftp access. One will show a directory listing, the other won't. AFAIK, I set them up the same, and the ftpd binaries have the same checksum. Anyone know how to permit the directory listing?
  By directory listing, I mean either the '"dir" command in a command-line session or via a browser (e.g., ftp://ftpserver.whatever.domain)
  Baffling behavior, and I can't find anything in Sun's docs to explain.
  Thanks.

  This is exactly the same question which you posted in this thread:
  ldd on my library (sample.so) fails to resolve SUNW_1.9.1 version of libnsl
  Please don't post the same question twice

• Anonymous ftp access

  We have just completed a 9iFS install. The previous version of iFS was 1.1.6. We were having problems with anonymous logins (people were dumping garbage in our public folder) and we disabled anonymous FTP by changing the guest password (we also changed it in the IFSDavServletParameters.properties file and modified the ftpserver.def file by setting AnonymousPoolSize = 0 and AllowAnonymousConnections = false. We would like to do the same with 9iFS but these files no longer exist or have been renamed. What are the equivalent files in 9iFS or how else can we go about disabling anonymous logins?
  N

  I understand what you're specifically asking for, but could you provide some background on what specific requirement(s) you are seeking to resolve -- the requirement(s) here, and not the proposed solution here using ftp.
  Are you are familiar with ftp attacks, if this is an open Internet site? Open ftp servers are malware magnets.
  If you're trying to avoid having specific (known) users specify authentication, then there are ways to do that. Not the least of which is sftp with the public keys shared. There are other approaches, such as uploads via http-based sites.

• How secure is Internet shopping with ipad mini

  How secure is Internet shopping with ipad mini

  Same as any other iPad or iPhone. 
  There has been no malware that I have heard of on the iPad.
  I would say it is very safe.  I buy on the inernet all the time.
  Optional: for a minor improvement in security, change your DNS server to Google
  You could change your DNS server to Googles. I use Google.
  Google provides free dns lookup.  Their numbers are:
  8.8.8.8
  8.8.4.4
  http://discussions.apple.com/message.jspa?messageID=5908432#5908432
  Robert

• Can't get Anonymous FTP folder to work

  According to this Apple doc you can set up a folder for anonymous FTP users. But when I add the "uploads" folder to my ftp root directory, which was relocatd as mentioned bellow. It doesn't seem to work. Anonymous users are sent directly to the ftp root folder rather then the uploads folder. So they can see all my files. I want Anonymous users to only be able to see anonymous user files, not all the ftp files.
  Any thoughts?
  Greg
  http://docs.info.apple.com/article.html?path=ServerAdmin/10.4/en/c6fs20.html
  Server Admin 10.4 Help
  Creating an FTP Uploads Folder for Anonymous Users
  The uploads folder provides a place for anonymous users to upload files to the FTP server. It must exist at the top level of the FTP root directory and be named "uploads." (If you have changed the FTP root directory, then the uploads folder must be at the root of that directory.)
  Use the Finder to create a folder named "uploads" at the top level of your server's FTP root directory.
  Set privileges for the folder to allow guest users to write to it.
  You can set up an FTP upload directory using the mkdir and chmod commands in Terminal. For more information, see the file services chapter of the command-line administration guide.

  Greg,
  can you show us the "upload" directory permissions?
  Also, have you restarted your ftp server?
  Mihalis.

• How secure is information that is submitted using adobe forms?

  I am using adobe forms to creat an online application for students.  How secure is the information submitted?

  All of the the communications with the server are protected with SSL (https). This FAQ explains in more detail:
  http://forums.adobe.com/docs/DOC-1384
  Randy

• IPhone Security: How secure is the iPhone?

  We just purchased iPhones for our family. However, I have a question regarding cyber security on these devices.
  Specifically, we have the phones set up to access our MobileMe accounts, and thus the MobileMe password is part of our iPhones. This leads to two questions:
  1) If someone acquires our phones, can they easily reverse engineer the phone to determine our MobileMe passwords?
  2) When we use various free wireless services (for example, while travelling at airports), how secure is the password data as it is passed from our iPhones to MobileMe over the RF spectrum? Could someone easily “listen in” to the communication and sniff out the passwords?
  It’s not that crucial now since it is just our MobileMe account, but I would like to use my iPhone for work e-mail and am not sure if this is safe or not.
  In addition to these questions, any advice, comments, or other sources on iPhone security would be greatly appreciated.
  Thank you very much for sharing your expertise!!!

  CharPatton wrote:
  2) When we use various free wireless services (for example, while travelling at airports), how secure is the password data as it is passed from our iPhones to MobileMe over the RF spectrum? Could someone easily “listen in” to the communication and sniff out the passwords?
  It depends on what the website does, and the rules are the same as using a wifi laptop:
  A) If a site uses regular HTTP with no encryption, any text data can be intercepted.
  B) Using HTTPS encryption like banks do, data can be sniffed but cannot be read unless a sophisticated hacker can unencrypt the sniffed data.
  C) Using a secure VPN for your iPhone (like HotSpot Shield), you can encrypt traffic between the iPhone and the VPN service so that all your communications are secured regardless of what the website does.
  I don't have a MobileMe account, so I don't know whether they layer any encryption over the login, but if they're like many sites, they probably do. As for what happens after login, this article is not very encouraging if the info is still current. That is why I use a VPN.

• How secure is the default web services?

  Just curious how secure the default web services configuration is.
  Would mod_security need to be installed?
  The server would only host 2 sites but I am concerned about basic security.

  Your question is too vague to be answerable.
  Any web server security depends largely on what you're doing.
  If you're just serving static pages then its pretty secure - there isn't much anyone can do to compromise your server.
  If you're running any kind of dynamic content then your security depends on a) the server-side engine you use (e.g. PHP, Java, Ruby, etc.) and b) the competency of whoever's writing your code.
  If you're using any kind of database-driven content then your security also depends on your database engine, and your ability to secure your database.
  The upshot is that the software as delivered is only as good as how you configure and run it. mod_security (if you take the time to configure it) offers some protection, but it doesn't beat taking the time to code your application correctly.

• How secure is the phones Pin?

  Hey guys,
  Had my N96 stolen last night (it is covered just lost 40 very precious mins of video, devastating) and I was wondering, just how secure is my 4 digit pin code on the phone. Can it be bypassed easily? I'm not phishing here so I don't want detailson how anythings done just want the security of knowing that the **bleep** who has my phone can't access whats on there i.e. photo's, numbers etc.
  Thanks

  did you set remote lock you can lock it with a text if you did
  the phone lock on the phone the Nokia default 12345 is NOT secure at all I think a software update resets it to default 12345
  If however it is a SIM pin lock even only 4 digits then that is secure but a different sim will access the phone memory and your vids
  I always have the SIM lock on to just to protect my account but the Nokia pin I dont rate at all
  Contact the provider for your service THEY CAN LOCK IT OUT of the network on the imie thats not undo able in UK and is secure
  but it only stops it making calls not access to the phone internal mem
  but some countries do not use the imie lock so it could be sold on abroad
  Nokia user / modder since Nokia Orange and Mobira user too before that

• How secure is the password manager?

  How secure is the password manager?
  Can someone hack into it and steal my password?

  You can protect stored password using master password. See:
  * https://support.mozilla.com/en-US/kb/Protecting%20stored%20passwords%20using%20a%20master%20password

• Anonymous FTP User created by the system lacks the user name

  I'm experiencing some problems and inconsistencies in the Mac OS X Server 10.4.7 FTP service.
  First I'll report this behaviour to evaluate if it's worth a bug report.
  I read in the that the user with user name 'Anonymous FTP User" and short name 'ftp' is created by the system the first time the FTP server is accessed using an anonymous user.
  I noticed that the user is indeed created but its user name field is empty. It doesn't have the associated LDAP record, too.
  If I try to manually create a user with an empty user name field WGM errors, so could this be considered a bug?
  PowerBook G4 867MHz 12,1"   Mac OS X (10.4.7)  

  Hi
  Using NFS u can write the file in XI directories only not on other system
  If u want to write in other System (ECC in u r case) u shud use FTP protocol.
  NFS ===> xi local path
  other path ==> use FTP protocol
  thx
  srini