Generating a pure-ftpd RPM for Amazon’s Linux

The only ftp server the amzn repository has is vsftpd. While, as the name suggests, vsftpd is supposed to be ‘very secure’ many other ftp servers have a comparable track record for security. Of these, pure-ftpd is easily configured and offers a wealth of features. Pure-FTPd is easily configured, and as it comes with an… Continue reading Generating a pure-ftpd RPM for Amazon’s Linux

Using Wireshark to Debug FTPES through vsFTP

Using Wireshark to Debug FTPES through vsFTP While vsFTP is lightweight and has a relatively good track record, the verbosity of its logs is lacking. Without having an error logged, it can be considerably more difficult to find and resolve the problem. This issue is compounded when using an encrypted connection. After recently enabling FTP… Continue reading Using Wireshark to Debug FTPES through vsFTP

Configuring vsFTPd to use TLS

A typical FTP session, will send login information unencrypted. It is a fairly simple matter to configure vsftpd to use SSL/TLS and encrypt connections. You can either create a self-signed certificate for this purpose, or use an existing third-party issued certificate. Generate a self-signed certificate Firstly, we generate the private key (in this case, 2048… Continue reading Configuring vsFTPd to use TLS

Limiting brute-force attacks with IPTables

Update: a more comprehensive, tiered version of the procedure below is outlined in Escalating Consquences with ipTables. The material below is, however still applicable, and forms the basis for many more advanced implementations. For the past few weeks, I have noticed that the scale of attempted intrusions, on ssh, pop3, and ftp ports has increased… Continue reading Limiting brute-force attacks with IPTables

Installing vsftpd on Amazon’s Linux AMI

By default, Amazon’s Linux AMI provides only the amzn repository. While this repository does have quite a selection of packages, there are a few commonly used packages that are missing (e.g. php-mcrypt). On the FTP side, the only FTP server included is VS-FTP (vsftpd). While my personal preference has historically been pure-ftpd, this is a… Continue reading Installing vsftpd on Amazon’s Linux AMI