Solved

ftp security in AIX 4.3

Posted on 2000-03-22
4
629 Views
Last Modified: 2013-12-06
Can AIX ftp service restrict certain IP address from doing ftp to the AIX host. (eg allowing IP x.x.x.x to do ftp to the AIX host).

In HP-UX, this can be done at the inetd.sec file. Can this be done in AIX?
If yes, how?
0
Comment
Question by:joekwchen
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
4 Comments
 
LVL 14

Expert Comment

by:chris_calabrese
ID: 2645059
I don't think you can do this directly with the stock AIX tools, but you could do it by running TCP Wrappers.  See ftp://coast.cs.purdue.edu/pub/tools/unix/tcp_wrappers/
0
 
LVL 1

Accepted Solution

by:
markus_baertschi earned 100 total points
ID: 2652599
Hello,

AIX has no built-in provision for restricting ftp access using the IP address.
I can give you three choices:
- Install the IBM Firewall software on the machine and use this to
  control access. This is an excellent high security solution, but might
  be overkill for your situation.
- Install TCP-wrappers. You can download smit-installable, compiled
  binaries downloaded from Bull. (See below)
- Install another ftp daemon. Wu-ftpd has lots of configuration features
  including access restrictions by host.

tcp-wrapper: http://www-frec.bull.com/download/out/tcp_wrappers-7.6.0.0.exe
wu-ftpd:
http://www-frec.bull.com/download/aix432/wu-ftp-2.6.0.0.exe
0
 

Author Comment

by:joekwchen
ID: 2656100
Thanx Markus, I've found another way, I configure  some filtering at Configure IP Security (IPv4) from smit.

Also thanx to chris.

0
 
LVL 1

Expert Comment

by:markus_baertschi
ID: 2656386
Thanks to you too. I'm just looking into these IP filtering things. It looks
like a very useful feature. It must have been added recently, I was not
aware if it to be there !

Markus
0

Featured Post

What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Hello fellow BSD lovers, I've created a patch process for patching openjdk6 for BSD (FreeBSD specifically), although I tried to keep all BSD versions in mind when creating my patch. Welcome to OpenJDK6 on BSD First let me start with a little …
Introduction Regular patching is part of a system administrator's tasks. However, many patches require that the system be in single-user mode before they can be installed. A cluster patch in particular can take quite a while to apply if the machine…
Learn several ways to interact with files and get file information from the bash shell. ls lists the contents of a directory: Using the -a flag displays hidden files: Using the -l flag formats the output in a long list: The file command gives us mor…
This video shows how to set up a shell script to accept a positional parameter when called, pass that to a SQL script, accept the output from the statement back and then manipulate it in the Shell.

630 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question