Controlling FTP Access
FTP access is not something you should enable lightly; although it's crucial for your users to have access to it for uploading files (such as Web pages) to your server, it's also a potential source of security issues—it's a cleartext mechanism, meaning that all data (including passwords) is transmitted unencrypted and available to anybody eavesdropping with packet-sniffing software. As we will see in Chapter 29, “Network Security,” most major cleartext services can be superseded by a secure equivalent: Telnet with SSH, HTTP with Secure HTTP, and POP3 and IMAP with their own built-in encryption layers. FTP, however, is inherently insecure, and although several secure solutions have been put forth (such as Brian Wellington's ...
Get FreeBSD® Unleashed now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
