Chapter 3. Security Issues

Table of Contents
Securing ftp servers
Daemon security
Password Issues
Server attacks
Firewall issues
Security by obscurity and warnings
How can I control what commands the server accepts?
Secure Sockets Layer (SSL)

As with all services, there is a risk that the server will be abused or that a crack attempt will be made on the hosting server. As a general rule, crackers will attempt to break in through known holes in the various server daemons running on it.

The cautious, security-conscious system admin should be aware of the two main avenues for abuse: external and internal. I will consider external attacks to be those made by individuals without valid accounts or "user" level access to the server, and internal attacks to be those made by individuals with authenticated user access of some form to the server.

Server security: security holes, weak passwords
Abuse of server: warez dumping ground

Securing ftp servers

In general, there is not much more to securing an FTP server than there is to securing any other public access server. However, the twin socket design, and thus the requirement to never quite give up root privileges completely, leaves a window ajar for the competent cracker to climb through. Or occasionally a thumping great sign and open door for a script kiddie with some time to spare.

ProFTPD provides some additional security through its use of chroot(), user and IP access limits, command and path filters to limit what files can be uploaded and where, and its attention to when root privs are needed and when they are not. However, with a buffer overflow in the wrong place it is possible that the server is compromised beyond hope.
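The controls named above map onto proftpd.conf directives roughly as follows. This is an added example, not a configuration from the original guide; the address range 192.0.2.0/24 and the /srv/ftp/incoming path are placeholder assumptions to adapt to the local site.

```apache
# Added example: hardening fragment for proftpd.conf (placeholder values).

# Run as an unprivileged account once root is not needed.
User                nobody
Group               nogroup

# chroot(): jail every user in their own home directory.
DefaultRoot         ~

# User limits: no root logins, few retries, few parallel sessions.
RootLogin           off
MaxLoginAttempts    3
MaxClientsPerHost   2 "Too many connections from your host"
MaxClientsPerUser   2 "Too many sessions for this account"

# IP access limits: only the listed network may log in.
<Limit LOGIN>
  Order allow,deny
  Allow from 192.0.2.0/24
  Deny from all
</Limit>

# Command filter: refuse commands containing the "*.*/" glob pattern.
DenyFilter          \*.*/

# Path filter: refuse uploads of per-directory control files.
PathDenyFilter      "(\.ftpaccess|\.htaccess)$"

# No permission changes through SITE CHMOD.
<Limit SITE_CHMOD>
  DenyAll
</Limit>

# Upload area that cannot be read back, so it is of no use as a
# warez dumping ground (path is an assumed example).
<Directory /srv/ftp/incoming>
  <Limit READ>
    DenyAll
  </Limit>
  <Limit STOR>
    AllowAll
  </Limit>
</Directory>
```

Running `proftpd -t` checks the syntax of the configuration before the daemon is restarted.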

Simple steps which can be taken to tighten security include