ANONYMOUS FTP CONFIGURATION GUIDELINES

The Computer Emergency Response Team (CERT) is often contacted about anonymous ftp. Anonymous ftp can be a valuable and secure service if correctly configured and administered.

We strongly suggest using the most recent version of the FTP daemon, ftpd. As of February 1992, the Berkeley version 5.60 of July 22, 1990 was the most current BSD version. Check with your vendor for information on your system's FTP daemon.

The anonymous ftp root directory (~ftp) and its two subdirectories (~ftp/etc and ~ftp/bin) should not be owned by the ftp account. This is a common configuration problem. If the directory is owned by ftp and isn't write protected, an intruder would be able to add files such as a .rhosts file and to modify other files. Making the ftp root directory and its two subdirectories owned by root and protected so that only root has write permission (chmod 755 ~ftp) will help to keep your anonymous ftp service secure.

Here is an example of an anonymous FTP directory setup:

    drwxr-xr-x  7 root ftp    512 Mar  1 15:17 ./
    drwxr-xr-x 25 root system 512 Jan  4 11:30 ../
    drwxr-xr-x  2 root ftp    512 Dec 20 15:43 bin/
    drwxr-xr-x  2 root ftp    512 Mar 12 16:23 etc/
    drwx-wx-wx  2 root ftp    512 Jun 13 18:15 incoming/
    drwxr-xr-x 10 root ftp    512 Jun  5 10:54 pub/

We strongly advise not using the system's /etc/passwd file as the password file or /etc/group as the group file in the ~ftp/etc directory. This would permit intruders to get a copy of these files. Use a dummy copy of both files. Make sure that the password field has been cleared.

Below is an example of an ~ftp/etc/passwd file:

    ssphwg:*:3144:20:Site Specific Policy Handbook Working Group::
    cops:*:3271:20:COPS Distribution::
    cert:*:9920:20:CERT::
    tools:*:9921:20:CERT Tools::
    ftp:*:9922:90:Anonymous FTP::
    nist:*:9923:90:NIST Files::

Here is an example ~ftp/etc/group file:

    cert:*:20:
    ftp:*:90:

If you need to allow write permission for anonymous ftp users, we suggest creating an incoming directory. Give this directory write and execute permission. This will permit an anonymous ftp user to copy a file into this directory while at the same time preventing others from knowing it is in the directory. The ftp command DIR will not work in this directory due to the directory's protection.
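
A shell check for the layout described above, added here as an example and not part of the original CERT text. The names audit_anon_ftp, finding and mode_owner are hypothetical, and treating a "cleared" password field as "*" or empty is an assumption based on the sample files.

```shell
#!/bin/sh
# Added example: audit an anonymous FTP tree against the guidelines above.
# Usage: audit_anon_ftp <ftp-root> [ftp-account]   (account defaults to "ftp")
# Prints one finding per line; returns 0 when clean, 1 otherwise.

finding() { echo "FINDING: $*"; rc=1; }

# Print "<mode-string> <owner>" for a path, parsed from ls -ld output.
mode_owner() { ls -ld "$1" | awk '{ print $1, $3 }'; }

audit_anon_ftp() {
    root=$1; acct=${2:-ftp}; rc=0

    # ~ftp, ~ftp/bin, ~ftp/etc: not owned by the ftp account, and
    # writable by the owner only (no group or other write bit).
    for d in "$root" "$root/bin" "$root/etc"; do
        [ -d "$d" ] || continue
        mo=$(mode_owner "$d"); mode=${mo% *}; owner=${mo#* }
        if [ "$owner" = "$acct" ]; then finding "$d is owned by $acct"; fi
        case $mode in
            ?????w*|????????w*) finding "$d is group/other writable ($mode)" ;;
        esac
    done

    # ~ftp/incoming: write and execute only, so uploads cannot be listed.
    if [ -d "$root/incoming" ]; then
        mo=$(mode_owner "$root/incoming"); mode=${mo% *}
        case $mode in
            ????-??-*) ;;
            *) finding "$root/incoming is listable by group/other ($mode)" ;;
        esac
    fi

    # ~ftp/etc/passwd and group: dummy copies with the password field cleared.
    # Assumption: "cleared" means "*" (as in the sample files) or empty.
    for name in passwd group; do
        f=$root/etc/$name
        [ -f "$f" ] || continue
        if cmp -s "$f" "/etc/$name" 2>/dev/null; then
            finding "$f is identical to the system /etc/$name"
        fi
        bad=$(awk -F: '$2 != "*" && $2 != "" { n++ } END { print n + 0 }' "$f")
        if [ "$bad" -gt 0 ]; then finding "$f has $bad non-cleared password field(s)"; fi
    done
    return $rc
}
```

Source the file and run audit_anon_ftp against the ftp home directory; a missing bin, etc or incoming directory is skipped rather than reported.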