FTP is a veteran of Internet applications, which facilitates the sharing of corporate user files. However, security issues have always been around FTP. How to prevent an attacker from stealing important information from an FTP server by illegal means; how to prevent an attacker from using an FTP server to spread Trojans and viruses, and the like. These are all issues that system administrators need to pay attention to. This time I have used the most extensive VSFTP on the Linux operating system platform as an example to talk about how to improve the security of the FTP server.
1. Disable system level users to log in to the FTP server.
In order to improve the security of the FTP server, it is better for the system administrator to set up a separate FTP account for the employee, instead of giving the system-level user to the ordinary user, which brings great security risks. In the VSFTP server, you can manage the login account through the configuration file vsftpd.ftpusers. However, this account is a blacklist and the person listed in this account will not be able to use his account to log in to the FTP server. After deploying the VSFTP server, we can use the vi command to view this configuration file and find that it already has many default accounts. Among them, the system's superuser root is also in it. It can be seen that for security reasons, the VSFTP server prohibits the root account from logging in to the FTP server by default. If the system administrator wants to log in to the FTP server such as root, it is necessary to delete the root and other related user names in this configuration file. However, allowing the system account to log in to the FTP server will have a negative impact on its security, so I don't recommend it to the system administrator. It is best for the relevant system account administrators in this file not to change, and keep the settings of these accounts.
If for some other reason you need to disable other accounts, you can add the account name to this file. For example, an FTP server and a database server may be deployed on the server at the same time. So for security reasons, it is a good idea to include the database administrator's account in this blacklist.
Second, strengthen the control of anonymous users.
Anonymous users are those accounts that are not defined in the FTP server, and FTP system administrators still need to log in for easy management. However, they have not obtained the authorization of the server after all. In order to improve the security of the server, they must limit their permissions. There are also many parameters on the VSFTP server that can be used to control the permissions of anonymous users. The system administrator needs to perform related configuration work according to the security level of the FTP server. It should be noted that the stricter the control of the anonymous user's rights, the higher the security of the FTP server, but the convenience of user access is also reduced. Therefore, the system administrator still needs to achieve a balance between server security and convenience.
The following are some of the recommended configurations for anonymous users. If you don't know how to configure them, you can refer to these configurations. These configurations take into account the security of the server and the convenience of the user.
One is the parameter anon_world_readable_only. This parameter is mainly used to control whether anonymous users can download readable files from the FTP server. If the FTP server is deployed inside the enterprise and is mainly used by internal employees, it is best to set this parameter to YES. Then put some publicly available forms, such as corporate common forms, on top of them, so that employees can download these files anonymously. This will not affect the security of the FTP server, but also facilitate the convenience of other employees.
The second parameter is anon_upload_enable. This parameter indicates whether anonymous users can upload files to the FTP server with anonymous access. Normally, this parameter should be set to No. That is, users are not allowed to upload files during anonymous access. Otherwise, if anyone can upload a file, if the other party uploads a virus file, the enterprise is not going to suffer. Therefore, anonymous users should be prohibited from uploading files. But there are exceptions to this. For example, some enterprises use the FTP protocol to back up files. At this time, if the security of the enterprise network is guaranteed, you can set this parameter to YES, which allows the operating system to invoke FTP commands to back up files on the FTP server. In this case, anonymous access is often used to simplify the deployment of backup programs. Therefore, anonymous users are required to upload files on the FTP server.
The third parameter is anon_other_write_enable and the parameter anon_mkdir_write_enable. These two parameters mainly involve some of the more advanced permissions of anonymous users. For example, the first parameter indicates that the anonymous user has permission to upload and create subdirectories, such as changing the name of the file on the FTP server. The second parameter means that anonymous users can create subdirectories under specific circumstances. These features will affect the security of the FTP server and the security of the file. For this reason, these permissions should be disabled unless there is a special need. That is, set the value of these parameters to NO. I think that unless the FTP server is used by the system administrator, you can turn on these parameters. Otherwise, set these parameters to NO as well to improve the security of the FTP server.
In general, the control of anonymous users should follow the principle of minimum authority. Because anonymous users are users who are not authorized by the FTP server, deep level access control cannot be performed. For this purpose, control of this is only possible through these basic parameters.
Third, do a good job of directory control.
Typically, system administrators need to set up different root directories for each different user. For the sake of security, to prevent mutual interference between different users, the system administrator needs to set the root directory that does not allow users to access other users. For example, some companies set up an FTP account for each department to facilitate their exchange of documents. Then the sales department Sales has a root directory sales; the warehouse department has a root directory Ware. As sales employees, they can access any subdirectory under their own root directory, but they cannot access the root directory Ware of the warehouse user. In this case, the sales department staff will not be able to access the files of the warehouse users. It can be seen that by restricting users from accessing directories other than the root directory, it is possible to prevent mutual interference between different users, so as to improve the security of files on the FTP server. To do this, set the parameter chroot_local_user to NO. After this setting, all users who log in locally cannot enter other directories than the root directory. However, when doing this control, it is best to set up a directory that everyone can access to store some public files. We must protect the security of the server, and it can not affect the normal sharing of files.
Fourth, the transmission rate is limited.
Sometimes in order to ensure the stable operation of the FTP server, you need to limit the rate of uploading and downloading files. For example, on the same server, FTP server, mail server, etc. are deployed respectively. In order for these application services to coexist peacefully, it is necessary to control the maximum transmission rate. Because the bandwidth of the same server is the biggest limit. If an application service occupies a relatively large bandwidth, it will adversely affect other application services, and even cause other application services to fail to meet the needs of the corresponding users. If there are times when FTP is used differently, you also need to set a maximum rate limit. For example, if FTP is used for file backup and file upload and download, in order to improve the efficiency of file backup and shorten the backup time, the maximum rate of file upload and download needs to be limited.
In order to achieve the transfer rate limit, the system administrator can set the local_max_rate parameter. By default, this parameter is not enabled, ie there is no limit on the maximum rate. However, for these reasons, I still recommend that system administrators set this parameter before putting the FTP server into production. Prevent negative impacts on other application services because uploading and downloading consumes too much bandwidth. System administrators need to achieve a balanced and reasonable allocation of bandwidth between application services. At the very least, ensure that each application service responds to the client's request. In addition, when possible, a peak-to-peak operation needs to be performed. For example, a mail server and an FTP server are simultaneously deployed on one host. The FTP server is mainly used for file backup. In order to prevent file backup from adversely affecting the sending and receiving of mail (because file backup requires a relatively large bandwidth will greatly reduce the speed of mail sending and receiving), it is best to separate the file backup from the peak period of mail sending and receiving. If the general situation is the peak period of mail delivery in the morning, then do not use the FTP service for file backup. When you take a break at noon, you usually send and receive emails less. At this point you can use FTP for file backup. So if the FTP server and other application services run at the wrong peak, then you can set this rate to be larger to improve the efficiency of the FTP service. Of course, this puts higher requirements on the system administrator. Because system administrators need to analyze various applications and then combine server deployment for comprehensive planning. Unless there are higher measures and better conditions, it is necessary to transfer the maximum rate to the FTP server. Otherwise, it will have a very large adverse impact on other information services deployed in the enterprise, which will cause the enterprise network to block.
What is a webpage? A webpage is a malicious attacker who, after attacking a WEB w
From the system architecture point of view, the current commercial servers can be roughly divided in
The subject of this article is the SELinux configuration on RHEL 5. RHEL also provides a graphical u
[Introduction] The website has become a fashion stage for self-expression and self
Windows2003 Domain Rename Tool (1)
Eight Ways to Improve the Execution Efficiency of IIS 5.0 Web Servers
Installation and pay attention to matters of a
Event Code: 3005 Event Message: A resolution of an unhandled exception occurred
Break the limit and let the IIS server run on demand
Top Ten Steps to Building a Secure Personal Web Server
Nginx anti-theft chain settings (detail)
How to set up a DHCP server under Win2000 Server
Comprehensive interpretation: What is a Web service?
Time service has 86400 seconds without solving the problem with system time synchronization
Use windows2000 to set up your own FTP SERVER
What should be paid attention to in the management of enterprise leased servers?
Win7 boot shows garbled solution
Metro version of IE10 and desktop version of IE10 against
Win8 disk used space and file size does not match
How to help Ai Si assistant equipment move home Ai Si assistant equipment moving tutorial
How does win7 computer restore system fonts?
"Local Area Connection" property is disabled solution
Setting up the agent is just a few steps Win8.1 VPN Concise Tutorial