Please wrap your lines around 72 characters. In response to Vizion <[EMAIL PROTECTED]>: > > I wonder if someone could point me to a reliable detailed resource for > configuring an ftp server on freebsd 6.1 for both incoming and outgoing > files (including anonymous ftp). > > I do not want anonymous uploaders to view existing file names in > ftp/incoming or be able to download from incoming. I want the server as > secure as is reasonably practicable. The notes in the freebsd handbook are > not really comprehensive enough for me.
Please don't do this. Please don't even try. Never try to use the word "secure" in the same sentence as "ftp". They don't fit in the same sentence. Set up ssh, then have Windows users use WinSCP. Let me tell a little story. A few years back I was asked to set up "secure ftp" for a client. I argued, but he insisted, and "the customer is always right", so I set it up for him. The plan, to keep it secure, was to enable the FTP server when it was needed, and disable it when the transfer was complete. Well, one day he forgot to turn it off. A few weeks later he went to enable it for another transfer and noticed a bunch of files on the server he didn't recognize. Someone had guessed the password and was using his FTP server to transfer files of a most unsavory nature. After we destroyed the files, changed the passwords, etc -- he decided to keep using the FTP (in spite of the incident). The only problem, he argued, was that we'd forgot to turn it off. But the crook now had our address. The next time he enabled that server, it wasn't more than a few hours before the crook was using it to move around his files again. The guy must have set up some monitoring to alert him when the FTP site came up, then he either had a sniffer to get the password or he was able to brute-force it really fast. I tell that story when people tell me that the data their transferring isn't sensitive, and therefore using FTP isn't a security risk. It still is. The only time it's OK to use FTP is when it's download only and the files are publicly available. Any other time, FTP is a liability. -- Bill Moran http://www.potentialtech.com _______________________________________________ email@example.com mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"