Mailinglist Archive: opensuse-security (616 mails)

[Sven Michels <smichels@xxxxxxxxxxxx>]

Michael Garabedian wrote:
> 
> ...I am setting up a linux machine to do ftp and was wondering if there
> was a secure way to set this up so it is not hacked.  I used a Windows
> machine and it took someone two days to hack it.  Any ideas...

FTP is mostly insecure ... ftp sucks at all ;) but if you need it:
choose and ftpd who has only features you need. check out the
suse version of wu-ftpd, it was reviewed by the suse staff.
if wu-ftpd doesn't fit for you, take alook to other servers.
Check lists like this one for bad news about the ftpd you want
to use. keep your system up-to-date, close all services you don't
need, install sec-check scripts from marc heuse (http://www.suse.de
/~marc or on the cd's), try harden_suse also. Your system will
never be 'secure' but you can try to best to keep it secure as possible.

-- 
intraDAT AG                     http://www.intradat.com
Wilhelm-Leuschner-Strasse 7         Tel: +49 69-25629-0
D - 60329 Frankfurt am Main       Fax: +49 69-25629-256
         Junk mail is war. RFCs do not apply.