etc/ftpd/ftpusers & philosophy of disabling root


 
Thread Tools Search this Thread
Top Forums UNIX for Dummies Questions & Answers etc/ftpd/ftpusers & philosophy of disabling root
# 1  
Old 04-02-2009
etc/ftpd/ftpusers & philosophy of disabling root

we don't have root in our /etc/ftpd/ftpusers and we are getting some pushback from the external auditors about this - specifically as a security risk if a "sniffer" were to catch roots password at the ftp.

What do most shops do - disable ftp for root?

What do you do to get things to the machine in that case -- like patches or utilities? Do you not logon as root and ftp them over from the network or whereever you have them? Or do you logon as yourself to do that? Or do you remove the entry, do the ftp & put the entry back?

what is the normal practice so I can respond to these folks.

Thanks.
# 2  
Old 04-02-2009
I am suspecting that I will receive answers like
"we use OpenSSH and scp" or "we use sftp" (from what my online research is finding) but I'm still curious to know what is considered normal business practice.
# 3  
Old 04-02-2009
We are not allowed by our auditors to use ftp outside the firewall. Period. SOX-compliance.
# 4  
Old 04-02-2009
This is 100% within the local environment - e.g. from my desktop logged on to the network to UNIX.
our UNIX box is not known outside the local environment/not exposed to the outside.
Does that change anything for your perspective?
 
Login or Register to Ask a Question

Previous Thread | Next Thread

8 More Discussions You Might Find Interesting

1. UNIX for Beginners Questions & Answers

How to restrict ftpusers in AIX to home directory?

I need to know how to restrict the ftpusers within their home directory in AIX 7.1 For example for ftpuser nonoftp I have tried putting this entry to /etc/ftpaccess.ctl and refreshed inetd but the directory listing unsuccessful error comes with the entry. Without the ftpaccess.ctl file ftp users... (2 Replies)
Discussion started by: pregmi
2 Replies

2. SCO

how to disabling root user

dear all, pls give the sollution to disable root login from telnet directly.but it should allow while we type su command (2 Replies)
Discussion started by: prakrithi
2 Replies

3. AIX

disabling telnet login for root only

Hi, I want to disable telnet login for root only so that other users can telnet? Regards, Manoj (8 Replies)
Discussion started by: manoj.solaris
8 Replies

4. UNIX Desktop Questions & Answers

how to check if a file ftpd to mainframe was actually ftpd

Hi All, I am ftping a file from unix to mainframe. Now the problem arises that i want to check if the file was ftpd or not. Is there any way i could do this? (4 Replies)
Discussion started by: vikas.rao11
4 Replies

5. AIX

Problems with disabling remote root login

Hello! I'm going through security checklist for AIX 5.3 and i just can't disable remote login for root through ssh. What i did: - in /etc/security/user i added a line: rlogin = false which works fine when i try to login through telnet - after installation of openSSH i edited... (3 Replies)
Discussion started by: veccinho
3 Replies

6. SCO

Disabling root login

Hy, Coud someone tell me how to disable root login via terminal (only from console should be allowed). There is no ssh installed, only telnet. I created a user which will have permission to su to root, but now i don't know where and what to modify to disable root login? SCO OpenServer 5 ... (1 Reply)
Discussion started by: veccinho
1 Replies

7. IP Networking

Change the root directory for apache, sshd and ftpd

Helo ! I want to do something and I don't know where to start... I want to make a small web hosting server (just for me and a few friends) and for the sake of learning I'd like to make an account for every user. The thing is that I want everyone to log into the server and to be put in his home... (3 Replies)
Discussion started by: Sergiu-IT
3 Replies

8. UNIX for Dummies Questions & Answers

FTPD, CHROOT, SMF and non-root user

Hello I am trying to configure WU-FTPD on Solaris 10 to do the following: Using the -r parameter to in.ftpd, I am running the FTP demon within a CHROOT jail (/export/ftp). The FTP service is also being controlled by SMF. This seems to work fine. However, one of the requirements I have is to... (2 Replies)
Discussion started by: CowsUdders
2 Replies
Login or Register to Ask a Question