Using TCP/IP › Using FTP › Considerations for Securing FTP

Considerations for Securing FTP

Users accessing FTP must log on to the service before using it. This requires them to supply their userids and passwords and for their userids to have access to the TCPIP facility.

FTP also supports anonymous logons. In the FTPDATA configuration file, the parameter ANONYMOUS controls whether this feature can be used. The parameter can be specified in one of three ways:

• The parameter is specified without a following userid, and an FTP user specifies anonymous at logon time, RACINIT are issued for the ACID ANONYMOU. If this ACID is defined to CA Top Secret and has access to the TCP/IP facility, the user is allowed to log on and run under the authority of the “ANONYMOU” ACID.

  ANONYMOUS
  

• The parameter is specified with a userid. The user must provide the correct password for this userid.

  ANONYMOUS userid
  

• The parameter is specified with both USERID and PASSWORD, these values are used to sign on the user.

  ANONYMOUS userid/password
  

ANONYMOUS logon should be carefully considered, and if used, is a candidate for auditing.