120 lines
8.6 KiB
HTML
120 lines
8.6 KiB
HTML
<?xml version="1.0" encoding="UTF-8"?>
|
|
<!DOCTYPE html
|
|
PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
|
|
<html lang="en-us" xml:lang="en-us">
|
|
<head>
|
|
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
|
|
<meta name="security" content="public" />
|
|
<meta name="Robots" content="index,follow" />
|
|
<meta http-equiv="PICS-Label" content='(PICS-1.1 "http://www.icra.org/ratingsv02.html" l gen true r (cz 1 lz 1 nz 1 oz 1 vz 1) "http://www.rsac.org/ratingsv01.html" l gen true r (n 0 s 0 v 0 l 0) "http://www.classify.org/safesurf/" l gen true r (SS~~000 1))' />
|
|
<meta name="DC.Type" content="concept" />
|
|
<meta name="DC.Title" content="Control File Transfer Protocol access" />
|
|
<meta name="abstract" content="If you are using File Transfer Protocol (FTP), you need to control users to protect your data and network. This topic offers tips and security considerations." />
|
|
<meta name="description" content="If you are using File Transfer Protocol (FTP), you need to control users to protect your data and network. This topic offers tips and security considerations." />
|
|
<meta name="DC.Relation" scheme="URI" content="rzaiqrzaiqimplement.htm" />
|
|
<meta name="DC.Relation" scheme="URI" content="rzaiqlepi.htm" />
|
|
<meta name="DC.Relation" scheme="URI" content="rzaiqftpanon.htm" />
|
|
<meta name="DC.Relation" scheme="URI" content="rzaiqftpbatch.htm" />
|
|
<meta name="DC.Relation" scheme="URI" content="rzaiqreferenceexit.htm" />
|
|
<meta name="DC.Relation" scheme="URI" content="http://www.redbooks.ibm.com/abstracts/sg244929.html" />
|
|
<meta name="copyright" content="(C) Copyright IBM Corporation 2004, 2006" />
|
|
<meta name="DC.Rights.Owner" content="(C) Copyright IBM Corporation 2004, 2006" />
|
|
<meta name="DC.Format" content="XHTML" />
|
|
<meta name="DC.Identifier" content="rzaiqseccontrolaccess" />
|
|
<meta name="DC.Language" content="en-us" />
|
|
<!-- All rights reserved. Licensed Materials Property of IBM -->
|
|
<!-- US Government Users Restricted Rights -->
|
|
<!-- Use, duplication or disclosure restricted by -->
|
|
<!-- GSA ADP Schedule Contract with IBM Corp. -->
|
|
<link rel="stylesheet" type="text/css" href="./ibmdita.css" />
|
|
<link rel="stylesheet" type="text/css" href="./ic.css" />
|
|
<title>Control File Transfer Protocol access</title>
|
|
</head>
|
|
<body id="rzaiqseccontrolaccess"><a name="rzaiqseccontrolaccess"><!-- --></a>
|
|
<!-- Java sync-link --><script language="Javascript" src="../rzahg/synch.js" type="text/javascript"></script>
|
|
<h1 class="topictitle1">Control File Transfer Protocol access</h1>
|
|
<div><p>If you are using File Transfer Protocol (FTP), you need to control
|
|
users to protect your data and network. This topic offers tips and security
|
|
considerations.</p>
|
|
<p>If you want to allow FTP clients to access your system, be aware of the
|
|
following security concerns:</p>
|
|
<ul><li>Your object authority scheme might not provide detailed enough protection
|
|
when you allow FTP on your system. For example, when a user has the authority
|
|
to view a file (*USE authority), the user can also copy the file to a PC or
|
|
to another system. You might want to protect some files from being copied
|
|
to another system. </li>
|
|
<li>You can use FTP exit programs to restrict the FTP operations that users
|
|
can perform. You can use the FTP Request Validation Exit to control what operations
|
|
you allow. For example, you can reject GET requests for specific database
|
|
files.</li>
|
|
<li>You can use the Server logon exit point to authenticate users who log
|
|
on to the FTP server. Configure anonymous FTP describes how to use exit programs
|
|
to set up support for anonymous FTP on your system.</li>
|
|
<li>Unless you use Transport Layer Security (TLS) or Secure Socket Layer (SSL),
|
|
FTP passwords are not encrypted when they are sent between the client system
|
|
and the server system. Depending on your connection methods, your system might
|
|
be vulnerable to password theft through line sniffing.</li>
|
|
<li>If the QMAXSGNACN system value is set to 1, the QMAXSIGN system value
|
|
applies to TELNET but not to FTP. If QMAXSGNACN is set to 2 or 3 (values which
|
|
disable the profile if the maximum sign on count is reached), FTP logon attempts
|
|
are counted. In this case, a hacker can mount a denial of service attack through
|
|
FTP by repeatedly attempting to log on with an incorrect password until the
|
|
user profile is disabled.</li>
|
|
<li>For each unsuccessful attempt, the system writes message CPF2234 to the
|
|
QHST log. You can write a program to monitor the QHST log for the message.
|
|
If the program detects repeated attempts, it can end the FTP servers.</li>
|
|
<li>You can use the Inactivity timeout (INACTTIMO) parameter on the FTP configuration
|
|
to reduce the exposure when a user leaves an FTP session unattended. Be sure
|
|
to read the documentation or online help to understand how the INACTTIMO parameter
|
|
and the connection timer (for server startup) work together. <div class="note"><span class="notetitle">Note:</span> The QINACTITV
|
|
system value does not affect FTP sessions.</div>
|
|
</li>
|
|
<li>When you use FTP batch support, the program must send both the user ID
|
|
and the password to the server system. Either the user ID and password must
|
|
be coded in the program, or the program must retrieve them from a file. Both
|
|
these options for storing passwords and user IDs represent a potential security
|
|
exposure. If you use FTP batch, you must ensure that you use object security
|
|
to protect the user ID and password information. You should also use a single
|
|
user ID that has limited authority on the target system. It should have only
|
|
enough authority to perform the function that you want, such as file transfer.</li>
|
|
<li>FTP provides remote-command capability, just as advanced program-to-program
|
|
communications (APPC) and iSeries™ Access for Windows<sup>®</sup> do. The RCMD (Remote Command)
|
|
FTP-server subcommand is the equivalent of having a command line on the system.
|
|
Before you allow FTP, you must ensure that your object security scheme is
|
|
adequate. You can also use the FTP exit program to limit or reject attempts
|
|
to use the RCMD subcommand. FTP exit programs describes this exit point and
|
|
provides sample programs.</li>
|
|
<li>A user can access objects in the integrated file system with FTP. Therefore,
|
|
you need to ensure that your authority scheme for the integrated file system
|
|
is adequate when you run the FTP server on your system.</li>
|
|
<li>A popular hacker activity is to set up an unsuspecting site as a repository
|
|
for information. Sometimes, the information might be illegal or pornographic.
|
|
If a hacker gains access to your site through FTP, the hacker uploads this
|
|
undesirable information to your iSeries. The hacker then informs other
|
|
hackers of your FTP address. They in turn access your iSeries with FTP and download the undesirable
|
|
information. <p>You can use the FTP exit programs to help protect against
|
|
this type of attack. For example, you might direct all requests to upload
|
|
information to a directory that is write-only. This defeats the hacker's objective
|
|
because the hacker's friends will not be able to download the information
|
|
in the directory.</p>
|
|
</li>
|
|
</ul>
|
|
</div>
|
|
<div>
|
|
<div class="familylinks">
|
|
<div class="parentlink"><strong>Parent topic:</strong> <a href="rzaiqrzaiqimplement.htm" title="You can protect your data by securing File Transfer Protocol (FTP) with Secure Sockets Layer (SSL), monitoring FTP users, and managing user access to FTP functions.">Secure File Transfer Protocol</a></div>
|
|
</div>
|
|
<div class="relconcepts"><strong>Related concepts</strong><br />
|
|
<div><a href="rzaiqftpanon.htm" title="Anonymous File Transfer Protocol (FTP) enables remote users to use the FTP server without an assigned user ID and password.">Configure anonymous File Transfer Protocol</a></div>
|
|
</div>
|
|
<div class="relref"><strong>Related reference</strong><br />
|
|
<div><a href="rzaiqlepi.htm" title="You can control the authentication of users to a TCP/IP application server with the TCP/IP Application Server Logon exit point.">Server logon exit point</a></div>
|
|
<div><a href="rzaiqftpbatch.htm" title="This topic provides examples of how to run File Transfer Protocol (FTP) in an unattended mode.">Run File Transfer Protocol in unattended mode using a batch job</a></div>
|
|
<div><a href="rzaiqreferenceexit.htm" title="You can use File Transfer Protocol (FTP) exit programs to secure FTP. The FTP server communicates with each exit program through a specific exit point. This topic includes parameter descriptions and code examples.">File Transfer Protocol exit programs</a></div>
|
|
</div>
|
|
<div class="relinfo"><strong>Related information</strong><br />
|
|
<div><a href="http://www.redbooks.ibm.com/abstracts/sg244929.html" target="_blank">AS/400 Internet Security: Protecting Your AS/400 from HARM in the Internet</a></div>
|
|
</div>
|
|
</div>
|
|
</body>
|
|
</html> |