Unfortunately the default FTP daemon is pretty simple and you have to give it a list of all users who are denied access, in the not very logically named /etc/ftpusers.
This means that every time you add new users you have to remember to update this file. Therefore it's a good idea to automate it, maybe run a job out of cron that does something like:
Hi everybody !
We have all flavors of Unix / Linux and we want to restrict ftp users to telnet our servers.
We can't disable telnet because we have other users using it.
:confused: Are there any thing that could be done to solve this thing ???
Best regards,
Julio Moreira (11 Replies)
When I ssh to my box, an Ultra 5. I get prompted for password immediately. I enter it and have to wait sometimes a full minute for it to prompt for a password.
The same thing happens when i try to ftp to the box, it will say connected, but it takes forever to prompt for password, and... (2 Replies)
Hello,
A couple of times per week, i receive emails notifications when files are available for processing.
Currently i read these eamails with a java program and store the attachement on my C: drive and would now like to generate a PC script to send this file name up to UNIX-Solaris and... (3 Replies)
Hi guys, Can you please help me.
I have SUN V100 server running solaris 8.
I also have a Redhat Linux 6.2 machine and a windows XP machine on the network.
I'm trying to copy files from the Linux and XP machines to the V100 server.
When I try to ftp to the solaris machine, I'm challenged... (2 Replies)
Hi,
I want to block all outgoing connection ( the IMAP ) to my exchnage . I have to do it in my solaris server; from solaris host no outgoing connection can be made to the imap server.
Please help me to configure that.
I am new in solaris.
Kind regards,
Akhtar (2 Replies)
Hi,
I need to install a program on my Centos 5.3 server that will block unauthorized ssh/ftp access attempts. The two features I require is that I should be able to configure the program to block the IP of the intruder after a a certain amount of access attempts and that it should display a... (3 Replies)
Hi,
I am unable to login into my terminal hosting Solaris 10 and get the below error message
"Server refused to allocate pty
ld.so.1: sh: fatal: libc.so.1: open failed: No such file or directory "
Is there anyways i can get into my machine and what kind of changes are required to be... (7 Replies)
Hey everyone,
I am trying to get a 2GB patch cluster FTP'd to a solaris 10 server. I have tried logging in via ftp, and both with root as well as my personal account, I get "Login Incorrect." I have verified that I can log in using telnet.
-bash-3.00$ netstat -a |grep ftp
*.ftp ... (10 Replies)
OS: Solaris 9
Configuration /etc/syslog.conf
daemon.debug
/etc/inetd.conf
ftp stream tcp6 nowait root /usr/sbin/in.ftpd in.ftpd -A -l -d
Found the ftp.log only generate those entries from other servers/hosts.
Can we trace on all ftp entries either from/to the server?
... (6 Replies)
among the below socket programming api's, please let me know which are blocking and non-blocking.
socket
accept
bind
listen
write
read
close (2 Replies)
Discussion started by: VSSajjan
2 Replies
LEARN ABOUT SUNOS
ftpusers
ftpusers(4)ftpusers(4)NAME
ftpusers - file listing users to be disallowed ftp login privileges
SYNOPSIS
/etc/ftpd/ftpusers
The ftpusers file lists users for whom ftp login privileges are disallowed. Each ftpuser entry is a single line of the form:
name
where name is the user's login name.
The FTP Server, in.ftpd(1M), reads the ftpusers file. If the login name of the user matches one of the entries listed, it rejects the login
attempt.
The ftpusers file has the following default configuration entries:
root
daemon
bin
sys
adm
lp
uccp
nuucp
smmsp
listen
nobody
noaccess
nobody4
These entries match the default instantiated entries from passwd(4). The list of default entries typically contains the superuser root and
other administrative and system application identities.
The root entry is included in the ftpusers file as a security measure since the default policy is to disallow remote logins for this iden-
tity. This policy is also set in the default value of the CONSOLE entry in the /etc/default/login file. See login(1). If you allow root
login privileges by deleting the root entry in ftpusers, you should also modify the security policy in /etc/default/login to reflect the
site security policy for remote login access by root.
Other default entries are administrative identities that are typically assumed by system applications but never used for local or remote
login, for example sys and nobody. Since these entries do not have a valid password field instantiated in shadow(4), no login can be per-
formed.
If a site adds similar administrative or system application identities in passwd(4) and shadow(4), for example, majordomo, the site should
consider including them in the ftpusers file for a consistent security policy.
Lines that begin with # are treated as comment lines and are ignored.
/etc/ftpd/ftpusers A file that lists users for whom ftp login privileges are disallowed.
/etc/ftpusers See /etc/ftpd/ftpusers. This file is deprecated, although its use is still supported.
/etc/default/login
/etc/passwd password file
/etc/shadow shadow password file
See attributes(5) for descriptions of the following attributes:
+-----------------------------+-----------------------------+
| ATTRIBUTE TYPE | ATTRIBUTE VALUE |
+-----------------------------+-----------------------------+
|Availability |SUNWftpr |
+-----------------------------+-----------------------------+
|Interface Stability |External |
| | |
| /etc/ftpd/ftpusers | |
+-----------------------------+-----------------------------+
|Interface Stability |Obsolete |
| | |
| /etc/ftpusers | |
+-----------------------------+-----------------------------+
login(1), in.ftpd(1M), ftpaccess(4), ftphosts(4), passwd(4), shadow(4), attributes(5), environ(5)
1 May 2003 ftpusers(4)