Elastix ***SECURITY WARNING***

berncres

Joined
Nov 2, 2007
Messages
4
Likes
0
Points
0
#1
For those of you who haven't changed all your settings, do a "netstat -a" to ensure no one is connecting without your permission. Twice now I caught someone connecting to my server via FTP. The problem in this case is with the /etc/vsftpd/vsftpd.conf file. Unless you are specifically allowing ftp log in, the following line:
userlist_enable=YES
should be
userlist_enable=No
or commented out, like:
#userlist_enable=YES

I fixed it a couple of weeks ago, but when I did a yum update, the config file was overwritten, and someone connected again via FTP.

Be careful if your servers are public, make sure you are secure.

If others have any suggestions to further secure their servers, please share.
 

Members online

No members online now.

Latest posts

Forum statistics

Threads
30,902
Messages
130,886
Members
17,563
Latest member
dineshr
Top