I got a few notices about an abuse threat, so I scanned my servers using Nessus3 and found a few potential security holes. An enabled anonymous account for applications is one of them. I am using the Pure-FTPd server. Let’s see how to disable the anonymous account. By the way, I am using the SuSE Linux distribution.
1. Find the configuration file
server:/etc # pico pure-ftpd.conf
2. Modify the settings
# Don’t allow authenticated users – have a public anonymous FTP only.
AnonymousOnly yes
# Disallow anonymous connections. Only allow authenticated users.
NoAnonymous no
Change to:
# Don’t allow authenticated users – have a public anonymous FTP only.
AnonymousOnly no
# Disallow anonymous connections. Only allow authenticated users.
NoAnonymous yes
3. Restart
I don’t know how we restart pure-ftpd, so I just kill the process and execute pure-ftpd again.
MCILab:/etc # ps -A | grep ftp
24601 pts/0 00:00:00 pure-ftpd
24623 ? 00:00:00 in.tftpd
24740 pts/0 00:00:00 pure-ftpd
MCILab:/etc #
MCILab:/etc # kill -9 24601
MCILab:/etc # kill -9 24623
MCILab:/etc # kill -9 24740
MCILab:/etc # pure-ftpd &
4. If the anonymous account is not controlled by modifying pure-ftpd.conf, try the following (actually simpler):
MCILab:/etc # ps -A | grep ftp
24601 pts/0 00:00:00 pure-ftpd
24623 ? 00:00:00 in.tftpd
24740 pts/0 00:00:00 pure-ftpd
MCILab:/etc #
MCILab:/etc # kill -9 24601
MCILab:/etc # kill -9 24623
MCILab:/etc # kill -9 24740
MCILab:/etc # pure-ftpd -E &    <-- using the -E option, which is the NoAnonymous option
** To see more options: pure-ftpd --help
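
The following shell example is added here and is not from the original post. It audits a pure-ftpd.conf for the two settings changed in step 2 and checks a daemon argument list for -E (step 4), since the file and the command line can disagree. The function names and the sample files are constructed for illustration; --noanonymous is the long form of -E, and the matching of bundled flags such as -BE is a heuristic.

```shell
#!/bin/sh
# Added example: audit Pure-FTPd anonymous-access settings (config file and command line).

# conf_value FILE KEY: print the last uncommented value of KEY, lowercased.
conf_value() {
    awk -v key="$2" '
        /^[ \t]*#/ { next }                             # skip comment lines
        tolower($1) == tolower(key) { val = tolower($2) }
        END { print val }' "$1"
}

# audit_conf FILE: return 0 only if the file forbids anonymous logins.
audit_conf() {
    rc=0
    if [ "$(conf_value "$1" NoAnonymous)" != "yes" ]; then
        echo "FAIL: NoAnonymous is not 'yes'"; rc=1
    fi
    if [ "$(conf_value "$1" AnonymousOnly)" = "yes" ]; then
        echo "FAIL: AnonymousOnly is 'yes'"; rc=1
    fi
    return "$rc"
}

# args_disable_anonymous ARGS...: return 0 if the daemon arguments contain -E
# (alone or bundled with other letter flags, e.g. -BE) or --noanonymous.
args_disable_anonymous() {
    for arg in "$@"; do
        case "$arg" in
            --noanonymous) return 0 ;;
            --*|-*[!A-Za-z]*) ;;      # other long option, or flag with attached value
            -*E*) return 0 ;;
        esac
    done
    return 1
}

# Constructed sample files matching the "before" and "after" of step 2.
before=$(mktemp); after=$(mktemp)
trap 'rm -f "$before" "$after"' EXIT
printf '# comment\nAnonymousOnly yes\nNoAnonymous no\n' > "$before"
printf '# comment\nAnonymousOnly no\nNoAnonymous yes\n' > "$after"

audit_conf "$before" || echo "before: anonymous logins still allowed"
audit_conf "$after" && echo "after: config forbids anonymous logins"
args_disable_anonymous -E && echo "pure-ftpd -E: anonymous logins forbidden"
args_disable_anonymous || echo "pure-ftpd (no flags): nothing on the command line forbids them"
```

To check a live daemon, pass the arguments shown by ps for the running pure-ftpd process to args_disable_anonymous.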