Quote:
Originally Posted by
hedkandi
Now, since it's an FTP server I can't disable that service, but how else do I harden this server from attacks from outside?
maybe you can replace ftp by sftp ?
Quote:
Originally Posted by
hedkandi
I am thinking of disabling the firewall and only allow communications with FTP ports, and also changing the Selinux to enforcing mode.
disable firewall ?
the real problem with FTP is that service sends all data in clear text. If you allow only FTP service ...imho it is a poor protection. SeLinux is a good start. What about chroot all ftp users ?