FTPplanet.com

FTPplanet.com Blog

September 22, 2008

Securing an FTP Server

Today's blog posting is for you server admins out there. Here's a good list of tips to secure your file transfer server, courtesy of The Real Ping blog.

I believe the first recommendation is critical: "Assigning access control rules for the files and directories on the FTP server will ensure greater safety for your files. This way, only privileged user accounts can access sensitive data on the FTP server, while non-privileged user accounts can access only general files."

The other suggestions he lists are also smart, easy-to-implement administrative safeguards for protecting files and data. Here are a few of them:

• Run the FTP servers on a separate bastion host on the DMZ.
• Use a proxy system to forward requests to the FTP server.
• Discourage the use of anonymous FTP access.
• Log all access to files so it is easy to trace users.
• Use secureFTP or other similar protocols to secure the data and the command channels (i.e., SSL or SSH).

I have two other suggestions. Rather than "discourage" anonymous FTP access, administrators should simply forbid it. And rather than merely allowing encrypted protocols like SSL and SSH, administrators should require connecting clients to use either SSL or SSH. Better yet, specify that the encryption must be 256-bit AES.

Posted by Hugh Garber at September 22, 2008 07:31 AM
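As an added example (not from the original post or from The Real Ping blog), the script below audits a server configuration against the recommendations above: anonymous access forbidden, encryption required on both the command and data channels, transfers logged, and ciphers limited to 256-bit AES. It assumes vsftpd as the server, with option names and defaults taken from vsftpd.conf(5); the two sample configurations are constructed.

```python
# Added example: audit a vsftpd.conf (assumed server) against the post's tips.
DEFAULTS = {  # built-in vsftpd values that apply when an option is absent
    "anonymous_enable": "YES", "ssl_enable": "NO",
    "force_local_logins_ssl": "YES", "force_local_data_ssl": "YES",
    "xferlog_enable": "NO", "ssl_ciphers": "DES-CBC3-SHA",
}
BOOL = {"YES": "YES", "TRUE": "YES", "1": "YES",
        "NO": "NO", "FALSE": "NO", "0": "NO"}

def parse(text):
    """Overlay the file's option=value lines on the built-in defaults."""
    conf = dict(DEFAULTS)
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#") or "=" not in line:
            continue
        key, value = line.split("=", 1)
        conf[key] = BOOL.get(value.upper(), value)  # normalise booleans only
    return conf

def aes256_only(ciphers):
    """True if every explicitly listed (non-excluded) suite names AES256."""
    names = [c for c in ciphers.split(":") if c and not c.startswith("!")]
    return bool(names) and all("AES256" in c for c in names)

CHECKS = [  # (option, predicate on effective value, finding)
    ("anonymous_enable", lambda v: v == "NO", "anonymous FTP is allowed"),
    ("ssl_enable", lambda v: v == "YES", "TLS is disabled"),
    ("force_local_logins_ssl", lambda v: v == "YES", "logins may be cleartext"),
    ("force_local_data_ssl", lambda v: v == "YES", "data channel may be cleartext"),
    ("xferlog_enable", lambda v: v == "YES", "transfers are not logged"),
    ("ssl_ciphers", aes256_only, "ciphers not limited to 256-bit AES"),
]

def audit(text):
    conf = parse(text)  # effective settings, defaults included
    return [f"{o}={conf[o]}: {msg}" for o, ok, msg in CHECKS if not ok(conf[o])]

# Constructed sample configs (not from the original post).
WEAK = "listen=YES\nlocal_enable=YES\nanonymous_enable=YES\nxferlog_enable=YES\n"
HARDENED = """anonymous_enable=NO
ssl_enable=YES
force_local_logins_ssl=YES
force_local_data_ssl=YES
ssl_ciphers=ECDHE-RSA-AES256-GCM-SHA384:AES256-SHA
xferlog_enable=YES
"""

if __name__ == "__main__":
    print("weak:", audit(WEAK), "\nhardened:", audit(HARDENED))
```

Because the audit evaluates effective values, a setting that is missing from the file is judged by the server's default rather than silently passing. The cipher check is a name-based heuristic over explicitly listed suites, not a full OpenSSL cipher-string evaluation.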
