securing ftp...

[Afro Boy]

Hi,

Am hoping someone here can provide some advice. I've noticed some odd activity with people trying to log in via anonymous ftp (we haven't even gone 'live' yet!)

At any rate, I disabled anon ftp through whm.

I was wondering if there were any default installed user accounts that I should change the password for? We're on a RedHat server. Would changing these passwords throw anything off for cPanel?

Cheers,
Af.

[namehog]

I recommend that you turn off vsftpd in /etc.init.d using

./etc/init.d/vsftpd stop

and make sure that ProFTPD is running -

vsftpd will allow users to escape their FTP shell and move above their directory

[jamesbond]

I noticed I have a process called vsftpd running:

ps -auxwww | grep vsftpd

root 15922 0.0 0.0 1708 604 pts/2 R 22:25 0:00 grep vsftpd


I have no idea how this got installed in the first place.
It is not located at /etc/init.d/

[xerophyte]

hello,

ps -auxwww | grep vsftpd

root 15922 0.0 0.0 1708 604 pts/2 R 22:25 0:00 grep vsftpd

the above means grep vsftpd running, which is not equal to vsftpd running.

vsftpd comes with redhat install, you can remove it using rpm

hope that helps

[wipl_piyush]

Hi,

Well i m pasting a question instead of a answer..

My question is ow could i retrict the filepload size to a certain value. i.e iif i want that a any user can upload a file lesser than 3 Mb or so.