
This is the Title of the Book, eMatter Edition
Copyright © 2007 O’Reilly & Associates, Inc. All rights reserved.
361
Chapter 11
CHAPTER 11
Securing File Services
File transfers are among the most important Internet transactions. All Internet appli-
cations support file transfer in one form or another. In email, MIME attachments can
take virtually any form, including executables and archives. HTTP supports file
transfers with aplomb: “loading a web page” actually entails the downloading and
displaying of a multitude of text, graphic, and even executable code files by your
browser. Even Internet Relay Chat can be used to transfer files between chatters.
When all is said and done, however, email, HTTP, and IRC are all designed to han-
dle relatively small chunks of data. This chapter covers tools and protocols specifi-
cally designed for transferring large files and large quantities of files.
The File Transfer Protocol (FTP) in particular is one of the oldest and (still) most
useful methods for TCP/IP file transfers. Accordingly, this chapter covers both gen-
eral FTP security and specific techniques for securing the ProFTPD FTP server. But
FTP isn’t the best tool for every bulk-data-transfer job, so we’ll also cover scp and
rsync. These, unlike FTP, can be encrypted with the help of Secure Shell or Stunnel,
covered in Chapters 4 and 5, respectively. (Chapter 4 also covers SFTP, an FTP-like
frontend ...