Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
657
Views
0
Helpful
2
Replies

Signature to prohibit delete of files/folders on ftp server

Jhun Banzuela
Level 1
Level 1

‎02-03-2014 12:30 AM - edited ‎03-10-2019 06:08 AM

Hi,

Is there a signature that can detect ( and prohibit) delete action of files and folders on ftp server.

If none, is there a way to create customized signature?

we want our ftp server to allow only download and upload files and delete is not allowed from external network even they have privilege.

Regards,

Jhun

Labels:
0 Helpful
2 Replies 2

rhermes
Level 7
Level 7

‎02-03-2014 09:32 AM

It would be possible to create a TCP session signature that would trigger on the string "del" or "rm" with the destination IP address of your FTP server, but those text strings could appear in other traffic you may not want blocked.

The more reasonable way to accomplish this goal is to edit the user accounts on the FTP server to allow or deny the permissions you want the users to have. That way a privileged account could still manage your FTP server and perform all ftp functions.

- Bob

0 Helpful

Jhun Banzuela
Level 1
Level 1
In response to rhermes

‎02-04-2014 10:11 PM

Thanks for the reply Bob.

We normally do all other tasks from internal network. From external network, we only allow download and upload.

So blocking delete from outside may be considered.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card