FreeBSD Server Administration


December 31, 2005

Change FTP Port

After I changed the ssh port, combined with the changes to net.inet.tcp.blackhole and net.inet.udp.blackhole, the server is now completely free of ssh login attempts. I realized these two changes should be made together; it doesn't make much sense to change only one of them. For example, if you only change the port, the server will still respond to port scans, and it will very probably get more scan activity. What if you only changed the system variables? Since the ports of common services are the main target, the evil people can still easily find the ports to attack.

This reminded me of the ports of other common services, especially FTP. There are also lots of attempts on the anonymous FTP account; the message in /var/log/messages looks like:
pure-ftpd: [ERROR] Unable to set up secure anonymous FTP

I'm using pure-ftpd (switched from proftpd); it was very easy to install and has worked very well.

I used the command line to start pure-ftpd. But to change the port, a configuration file is necessary.
Copy or rename /usr/local/etc/pure-ftpd.conf.sample to /usr/local/etc/pure-ftpd.conf.

I changed "NoAnonymous no" to
"NoAnonymous yes".

The default configuration for port:
# IP address/port to listen to (default=all IP and port 21).
# Bind 127.0.0.1, 21

It should be very easy to change this, but I couldn't figure out the format for "all IP", very silly :-(.

Start pure-ftpd with the configuration file:
# /usr/local/sbin/pure-config.pl /usr/local/etc/pure-ftpd.conf


Category : Security

Posted by FreeBSD Newbie at December 31, 2005 06:01 PM

Comments

Add the following line to pure-ftpd.conf to allow all IP and port 123:

Bind ,123

Posted by at May 13, 2006 12:40 AM

Thanks for the info. It didn't seem to work. Although the grammar is correct, pure-ftpd always ignored the configuration and used port 21.

Posted by FreeBSD Newbie at May 14, 2006 03:57 AM

I had similar frustrations and finally managed to get it working by using:

Bind 0.0.0.0,123

Posted by Francois at February 14, 2008 10:30 PM

I have found that if you use this method then all will be well for all IP and port. Change the numbers to whatever you like for your port. :P ENJOY PPL

Bind *,123

Put or change this in your pure-ftp config file :P HAVE FUN I DO :P

Posted by mm2004 at February 22, 2008 11:26 PM
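
A quick way to see which Bind and NoAnonymous settings a pure-ftpd.conf really enables before restarting the daemon. This is an added example, not code from the post or from pure-ftpd; the function names, the "last line wins" rule and the sample file contents are assumptions made for illustration.

```sh
#!/bin/sh
# Added example (not from the original post): show which pure-ftpd.conf
# directives are actually active. Lines beginning with '#' are comments.

# active_directive FILE NAME -> value of the last uncommented NAME line
# (assumption of this sketch: if a directive is repeated, report the last one)
active_directive() {
    awk -v key="$2" '
        /^[[:space:]]*#/ { next }
        $1 == key { $1 = ""; sub(/^[[:space:]]+/, ""); val = $0 }
        END { print val }
    ' "$1"
}

# bind_port FILE -> port from "Bind [address],port"; 21 (the documented
# default) when no active Bind line supplies one
bind_port() {
    bind=$(active_directive "$1" Bind)
    case "$bind" in
        *,*) port=${bind##*,} ;;
        *)   port="" ;;
    esac
    port=$(printf '%s' "$port" | tr -d '[:space:]')
    echo "${port:-21}"
}

# check_conf FILE -> prints findings, returns 1 if something needs attention
check_conf() {
    rc=0
    if [ -z "$(active_directive "$1" Bind)" ]; then
        echo "Bind: no active line (missing or still commented out), port 21 applies"
        rc=1
    else
        echo "Bind: port $(bind_port "$1")"
    fi
    if [ "$(active_directive "$1" NoAnonymous)" != "yes" ]; then
        echo "NoAnonymous: not set to yes"
        rc=1
    fi
    return $rc
}

# Constructed sample: the Bind line is still commented out, as in the sample file
sample=$(mktemp)
printf '%s\n' '# Bind 127.0.0.1, 21' 'NoAnonymous yes' > "$sample"
check_conf "$sample" || true
rm -f "$sample"
# After restarting pure-ftpd, compare with the live socket: sockstat -4 -l | grep pure-ftpd
```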
