https://community.cisco.com/t5/network-security/signature-to-prohibit-delete-of-files-folders-on-ftp-server/m-p/2424302#M45818 <HTML><HEAD></HEAD><BODY><P> It would be possible to create a TCP session signature that would trigger on the string "del" or "rm" with the destination IP address of your FTP server, but those text strings could appear in other traffic you may not want blocked.</P><P>The more reasonable way to accomplish this goal is to edit the user accounts on the FTP server to allow or deny the permissions you want the users to have. That way a privileged account could still manage your FTP server and perform all ftp functions.</P><P></P><P>- Bob</P></BODY></HTML> Mon, 03 Feb 2014 17:32:03 GMT rhermes 2014-02-03T17:32:03Z https://community.cisco.com/t5/network-security/signature-to-prohibit-delete-of-files-folders-on-ftp-server/m-p/2424301#M45817 <P>Hi,</P><P></P><P>Is there a signature that can detect ( and prohibit) delete action of files and folders on ftp server.</P><P>If none, is there a way to create customized signature?</P><P></P><P>we want our ftp server to allow only download and upload files and delete is not allowed from external network even they have privilege.</P><P></P><P></P><P>Regards,</P><P>Jhun</P> Sun, 10 Mar 2019 13:08:11 GMT https://community.cisco.com/t5/network-security/signature-to-prohibit-delete-of-files-folders-on-ftp-server/m-p/2424301#M45817 Jhun Banzuela 2019-03-10T13:08:11Z https://community.cisco.com/t5/network-security/signature-to-prohibit-delete-of-files-folders-on-ftp-server/m-p/2424302#M45818 <HTML><HEAD></HEAD><BODY><P> It would be possible to create a TCP session signature that would trigger on the string "del" or "rm" with the destination IP address of your FTP server, but those text strings could appear in other traffic you may not want blocked.</P><P>The more reasonable way to accomplish this goal is to edit the user accounts on the FTP server to allow or deny the permissions you want the users to have. That way a privileged account could still manage your FTP server and perform all ftp functions.</P><P></P><P>- Bob</P></BODY></HTML> Mon, 03 Feb 2014 17:32:03 GMT https://community.cisco.com/t5/network-security/signature-to-prohibit-delete-of-files-folders-on-ftp-server/m-p/2424302#M45818 rhermes 2014-02-03T17:32:03Z https://community.cisco.com/t5/network-security/signature-to-prohibit-delete-of-files-folders-on-ftp-server/m-p/2424303#M45819 <HTML><HEAD></HEAD><BODY><P> Thanks for the reply Bob.</P><P></P><P>We normally do all other tasks from internal network. From external network, we only allow download and upload.</P><P>So blocking delete from outside may be considered.</P></BODY></HTML> Wed, 05 Feb 2014 06:11:16 GMT https://community.cisco.com/t5/network-security/signature-to-prohibit-delete-of-files-folders-on-ftp-server/m-p/2424303#M45819 Jhun Banzuela 2014-02-05T06:11:16Z