Michael Stauber wrote: > You could of course disable FTP altogether and tell your customers to use > "scp" instead. It's part of SSH (with the OpenSSH-package you installed it as > well) and is basically a "secure copy".
While we don't turn off FTP, we recommend that clients use SCP to upload files to their site. If they don't, it's their password that gets compromised, not ours <wry grin>. > By all means. It's a nice way to block ports, IP-addresses, entire subnets > and undesired protocols. But once it is installed and *before* you use it you > should take special care to read up on the ipchains documentation. It's easy > (and embarassing) to lock yourself out of the machine. Happened to me more > than once. ;o) Will you share your rules, Michael <smile>? Pretty please <smile, again>????? Jeff -- Jeff Lasman <[EMAIL PROTECTED]> Linux and Cobalt/Sun/RaQ Consulting nobaloney.net P. O. Box 52672, Riverside, CA 92517 voice: (909) 778-9980 * fax: (702) 548-9484 _______________________________________________ cobalt-security mailing list [EMAIL PROTECTED] http://list.cobalt.com/mailman/listinfo/cobalt-security
