• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1225
  • Last Modified:

Solaris 10 zone Solaris security toolkit - no ftp

I've installed a new zone on my solaris 10. As I allmost allways do I run the Solaris Security Toolkit with jass-execute secure.driver
This turns off allmost everything I don't need, but for this zone I need ftp.
So, I ve done:
1. svcadm enable ftp  
2. netstat -a | grep LISTEN   = ftp is now LISTEN.  
3. svcs -v ftp      State=online
but then I try ftp localhost I get: 421 Service not available?
Any idea what I'm missing?
  • 2
3 Solutions
Hanno P.S.IT Consultant and Infrastructure ArchitectCommented:
Did run the abovementioned commmands in your global zone or in the non-global zone you just installed?
kristian_grAuthor Commented:
in the none-global zone. I don't want ftp in the global-zone.
I allso don't inherit any pkg-dir from the global zone.
Brian UtterbackPrinciple Software EngineerCommented:
It sounds like you may need to configure the ftpaccess file under /etc in the local zone. The error message you are seeing happens anytime the server closes the connection to the client. This can happen if the ftpd was started with -a and the client is not in the ftpaccess file, or if inetadm is configured to run ftpd with tcp-wrappers turned on. I believe Sun Security Toolkit does the latter and
possibly the former as well. If it is tcp-wrappers, then you also need to look for a /etc/hosts.deny and /etc/hosts.allow file.
Hanno P.S.IT Consultant and Infrastructure ArchitectCommented:
did you try a
  # inetadm -e ftp
to enable the FTP server?
To disable it, use
  # inetadm -d ftp

You may want to check /etc/ftpd/* config files, too. Especially ftpusers
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now