Solved

ftp security in AIX 4.3

Posted on 2000-03-22
4
616 Views
Last Modified: 2013-12-06
Can AIX ftp service restrict certain IP address from doing ftp to the AIX host. (eg allowing IP x.x.x.x to do ftp to the AIX host).

In HP-UX, this can be done at the inetd.sec file. Can this be done in AIX?
If yes, how?
0
Comment
Question by:joekwchen
  • 2
4 Comments
 
LVL 14

Expert Comment

by:chris_calabrese
ID: 2645059
I don't think you can do this directly with the stock AIX tools, but you could do it by running TCP Wrappers.  See ftp://coast.cs.purdue.edu/pub/tools/unix/tcp_wrappers/
0
 
LVL 1

Accepted Solution

by:
markus_baertschi earned 100 total points
ID: 2652599
Hello,

AIX has no built-in provision for restricting ftp access using the IP address.
I can give you three choices:
- Install the IBM Firewall software on the machine and use this to
  control access. This is an excellent high security solution, but might
  be overkill for your situation.
- Install TCP-wrappers. You can download smit-installable, compiled
  binaries downloaded from Bull. (See below)
- Install another ftp daemon. Wu-ftpd has lots of configuration features
  including access restrictions by host.

tcp-wrapper: http://www-frec.bull.com/download/out/tcp_wrappers-7.6.0.0.exe
wu-ftpd:
http://www-frec.bull.com/download/aix432/wu-ftp-2.6.0.0.exe
0
 

Author Comment

by:joekwchen
ID: 2656100
Thanx Markus, I've found another way, I configure  some filtering at Configure IP Security (IPv4) from smit.

Also thanx to chris.

0
 
LVL 1

Expert Comment

by:markus_baertschi
ID: 2656386
Thanks to you too. I'm just looking into these IP filtering things. It looks
like a very useful feature. It must have been added recently, I was not
aware if it to be there !

Markus
0

Featured Post

Free Tool: Subnet Calculator

The subnet calculator helps you design networks by taking an IP address and network mask and returning information such as network, broadcast address, and host range.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Using libpcap/Jpcap to capture and send packets on Solaris version (10/11) Library used: 1.      Libpcap (http://www.tcpdump.org) Version 1.2 2.      Jpcap(http://netresearch.ics.uci.edu/kfujii/Jpcap/doc/index.html) Version 0.6 Prerequisite: 1.      GCC …
Why Shell Scripting? Shell scripting is a powerful method of accessing UNIX systems and it is very flexible. Shell scripts are required when we want to execute a sequence of commands in Unix flavored operating systems. “Shell” is the command line i…
Learn several ways to interact with files and get file information from the bash shell. ls lists the contents of a directory: Using the -a flag displays hidden files: Using the -l flag formats the output in a long list: The file command gives us mor…
Learn how to find files with the shell using the find and locate commands. Use locate to find a needle in a haystack.: With locate, check if the file still exists.: Use find to get the actual location of the file.:

828 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question