Securing FTP
There is not much you can do to secure the regular FTP server that ships with Solaris 8. It has some options you can use to control who can access FTP (using /etc/ftpusers) and do some logging (using the -l option). Aside from that, if you can use IP Security Architecture (IPsec) between the FTP client and server, that will solve most security problems associated with FTP.
/etc/ftpusers
If you run an FTP server, this file should be periodically checked and updated to contain the IDs of users you do not want to be able to use FTP. The default /etc/ftpusers installed with Solaris 8 lists the following users:
root
daemon
bin
sys
adm
lp
uucp
nuucp
listen
nobody
noaccess
nobody4
Do not remove any of these. Instead, add the ones that don’t need ...
Get Solaris 8 Security now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
