Securing FTP
FTP, as you learned in Chapter 27, “Configuring an FTP Server,” is another clear-text service that has inherent password authentication and therefore has the potential to be compromised by an attacker watching the wires. FTP is used frequently by users to do things such as uploading web pages, but it isn’t used at predictable, regular intervals like POP3 or IMAP. This makes FTP a bit less risky to your system than Telnet, but still worth securing.
Fortunately, secure FTP is just as easy to implement as SSH. If you’ve enabled SSH (as you learned to do in “Securing Terminal Traffic (SSH),” earlier in this chapter), secure FTP is available to your system. Encrypted FTP sessions actually operate over the SSH channel, with the SSH client ...
Get FreeBSD6 Unleashed now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
