How to establish a safe PROFTPD application experience

PROFTPD is aimed at the weak points of wu-ftp development, in addition to improved security, but also with many wu-ftp characteristics, can be stand-alone, xinetd mode of operation. ProFTP has become the most popular after wu-ftp FTP server software, more and more sites to choose it to build a safe and efficient FTP site, proftp configuration convenient, and there are MySQL and quota modules to choose from, The perfect combination of them enables the management of a system-limited account and user disk limitations.

First, the PROFTPD service faces the security hidden danger

The security risks of PROFTPD service include: Buffer overflow attack (buffering Overflow), data sniffing and anonymous access defects.

1. Buffer Overflow attack

For a long time, buffer overflow has become a problem of computer system. The most notable case of an attack using a computer buffer overflow vulnerability was the Morris worm, which took place in November 1988. But even if its harm is known, buffer overflow is still an important means of intrusion now. The concept of buffer overflow: buffer overflow is like putting 100 kilograms of cargo into a container that can only be loaded in 10 kg.

A buffer overflow vulnerability is a problem that has plagued security experts for more than 30 of years. In short, it is a memory error in the software that is caused by the programming mechanism. Such a memory error makes it possible for a hacker to run a malicious code to disrupt the system's normal operation and even gain control over the entire system.

2. Data sniffing

FTP is a traditional network service program, is inherently unsafe, because they send passwords and data in clear text on the network, it is very easy for the people with ulterior motives to intercept these passwords and data. Furthermore, the security authentication methods of these services have their own weaknesses, and are vulnerable to the "middleman" (Man-in-the-middle) attack in this manner.

The so-called "middleman" mode of attack, is the "middleman" impersonating a real server to receive the data you pass to the server, and then impersonate you to the data to the real server. When the data transfer between the server and you has been tampered with by the middleman, there will be serious problems. The main way to intercept these passwords is to brute force. In addition, using the sniffer program to monitor the network packet capture FTP start session information, you can easily intercept the root password.