[thelist] Protecting port 21

[Anthony Baratta]

At 07:30 AM 6/20/2002, Samir M. Nassar wrote:

>It _is_ a security threat. And if you do want security I'd recommend
>allowing only SSH and SFTP access to the server. SSH is Secure Shell,
>and sftp is the secure file transfer protocol. Sftp uses port 22.

FWIW - *any* open port is a security threat. Doesn't matter if it's SSH,
Apache, IIS, or Timed. Any port blindly accepting connections is open to
exploit if there is a bug in the code.

Minh, it depends on what services you wish to provide. If you are only
interested in providing these services to internal users, then you can fire
wall the port to only accept connections to a range of IPs or a subnet.

If you need to have it open to the internet then using tools like SSH at
least encrypt the transmission from snoopers.
--
Anthony Baratta
President
Keyboard Jockeys

"Conformity is the refuge of the unimaginative."