Go Premium for a chance to win a PS4. Enter to Win

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 641
  • Last Modified:

ftp security in AIX 4.3

Can AIX ftp service restrict certain IP address from doing ftp to the AIX host. (eg allowing IP x.x.x.x to do ftp to the AIX host).

In HP-UX, this can be done at the inetd.sec file. Can this be done in AIX?
If yes, how?
0
joekwchen
Asked:
joekwchen
  • 2
1 Solution
 
chris_calabreseCommented:
I don't think you can do this directly with the stock AIX tools, but you could do it by running TCP Wrappers.  See ftp://coast.cs.purdue.edu/pub/tools/unix/tcp_wrappers/
0
 
markus_baertschiCommented:
Hello,

AIX has no built-in provision for restricting ftp access using the IP address.
I can give you three choices:
- Install the IBM Firewall software on the machine and use this to
  control access. This is an excellent high security solution, but might
  be overkill for your situation.
- Install TCP-wrappers. You can download smit-installable, compiled
  binaries downloaded from Bull. (See below)
- Install another ftp daemon. Wu-ftpd has lots of configuration features
  including access restrictions by host.

tcp-wrapper: http://www-frec.bull.com/download/out/tcp_wrappers-7.6.0.0.exe
wu-ftpd:
http://www-frec.bull.com/download/aix432/wu-ftp-2.6.0.0.exe
0
 
joekwchenAuthor Commented:
Thanx Markus, I've found another way, I configure  some filtering at Configure IP Security (IPv4) from smit.

Also thanx to chris.

0
 
markus_baertschiCommented:
Thanks to you too. I'm just looking into these IP filtering things. It looks
like a very useful feature. It must have been added recently, I was not
aware if it to be there !

Markus
0

Featured Post

Free Tool: Subnet Calculator

The subnet calculator helps you design networks by taking an IP address and network mask and returning information such as network, broadcast address, and host range.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now