Ftp Configuration


Copyright(c), 1995 - Management Analytics and Others - All Rights Reserved



SITE EXEC is disabled in the ftp daemon (TCP port 21).
Ftp runs setUID in a chroot area.
No executable within the Ftp chroot area is a program that would be risky to have run by an outsider while logged in as root.
All Ftp delete, overwrite, rename, chmod and umask options are NOT allowed for guests and anonymous users.
There is a /etc/ftpusers file which specifies those users that are NOT allowed to connect to your ftpd.
The /etc/ftpusers file includes but is not limited to root, bin, uucp, ingres, daemon, news, nobody, and ALL vendor supplied accounts.
The chroot area used by ftp does NOT contain a copy of the real /etc/passwd file.
The /etc/passwd file in the Ftp chroot area is either nonexistent or follows all rules of password files listed earlier.
The /etc/passwd file in the Ftp chroot area has :*: in the password field and '/bin/false' in the shell field of all system accounts.
The /etc/passwd file in the Ftp chroot area is protected at 444 and owned by Root.
You DO NOT have a copy of your real /etc/group file in the Ftp Chroot area.
The files ftp/.rhosts and ftp/.forward within the Ftp Chroot area are nonexistent or are zero length, have permissions 600, and are owned by Root.
All directories and files other than special directories intended for writing within the Ftp Chroot area are owned by another user and protected to disallow any file creation, deletion, or writing.
No writable area in the Ftp Chroot area is contained in any directory that is the home directory of any user specified in the Ftp or system /etc/passwd file.
NO files or directories are owned by the ftp account or have the same group as the ftp account.
The anonymous ftp user cannot create files or directories in ANY directory.
The ftp user can only read information in public areas.
The permissions of the ftp home directory (ftp in the Chroot area) are set to 555 (read, no write, execute), owner set to root (NOT ftp).
The system subdirectories /etc and /bin in the Ftp Chroot area have the permissions 111 only, owner set to root.
The permissions of files in /etc in the Ftp Chroot area are set to permissions 444 only, owner set to root.
/usr/spool/mail/ftp is owned by root with permissions 400.
Any writable directories in the Ftp Chroot area are write-only and have no read privileges.
The ftp Chroot area is in a distinct disk partition from other system areas.
No disk areas in the ftp Chroot hierarchy are ever mounted from a remote file server.
You are using the most recent version of the ftp daemon.
You are not using a version of wu-ftp prior to 2.4.
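
The ownership and permission items above can be checked mechanically. The following audit function is an added example, not part of the original checklist; the function name, its parameters and the finding strings are assumptions, and it covers only the file-mode, ownership and zero-length items. Run it as root so that the mode-111 directories can be listed.

```python
import os
import stat

def audit_ftp_chroot(chroot, ftp_uid, ftp_gid, owner_uid=0):
    """Return (path, problem) tuples for an anonymous-ftp chroot tree.

    ftp_uid/ftp_gid are the ids of the ftp account; owner_uid is the id that
    must own the fixed entries (root, uid 0, on a real system).
    """
    chroot = os.path.normpath(chroot)
    etc = os.path.join(chroot, "etc")
    dotfiles = [os.path.join(chroot, n) for n in (".rhosts", ".forward")]
    # Modes the checklist fixes: home 555, etc and bin 111, dotfiles 600.
    fixed = {chroot: 0o555, etc: 0o111, os.path.join(chroot, "bin"): 0o111}
    fixed.update((p, 0o600) for p in dotfiles)

    paths = [chroot]
    for dirpath, dirnames, filenames in os.walk(chroot):
        paths += [os.path.join(dirpath, n) for n in dirnames + filenames]

    findings = []
    for path in paths:
        st = os.lstat(path)
        mode = stat.S_IMODE(st.st_mode)
        is_dir = stat.S_ISDIR(st.st_mode)
        want = fixed.get(path)
        if want is None and os.path.dirname(path) == etc and not is_dir:
            want = 0o444                      # files in etc: 444 only
        if want is not None:
            if mode != want:
                findings.append((path, "mode %03o, expected %03o" % (mode, want)))
            if st.st_uid != owner_uid:
                findings.append((path, "not owned by root"))
        if path in dotfiles and st.st_size != 0:
            findings.append((path, "not zero length"))
        if st.st_uid == ftp_uid or st.st_gid == ftp_gid:
            findings.append((path, "owned by ftp account or group"))
        # Assumption: "write-only" is judged on the group/other bits, since
        # the owner is not the ftp account.
        if is_dir and mode & 0o022 and mode & 0o044:
            findings.append((path, "writable directory is also readable"))
    return findings
```

An empty list means the tree passed these checks; the items about SITE EXEC, /etc/ftpusers, password-file contents, partitions and daemon version still need to be verified separately.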

With maximum value of