02-03-2014 12:30 AM - edited 03-10-2019 06:08 AM
Hi,
Is there a signature that can detect ( and prohibit) delete action of files and folders on ftp server.
If none, is there a way to create customized signature?
we want our ftp server to allow only download and upload files and delete is not allowed from external network even they have privilege.
Regards,
Jhun
02-03-2014 09:32 AM
It would be possible to create a TCP session signature that would trigger on the string "del" or "rm" with the destination IP address of your FTP server, but those text strings could appear in other traffic you may not want blocked.
The more reasonable way to accomplish this goal is to edit the user accounts on the FTP server to allow or deny the permissions you want the users to have. That way a privileged account could still manage your FTP server and perform all ftp functions.
- Bob
02-04-2014 10:11 PM
Thanks for the reply Bob.
We normally do all other tasks from internal network. From external network, we only allow download and upload.
So blocking delete from outside may be considered.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide