FTP Properties
The following tables describes the FTP general properties.
Table 3-7 FTP General Properties
Property | Description |
---|---|
Port for incoming connections |
The port on which FTP listens. The default is 21. |
Maximum # of connections ("0" for unlimited) |
This is the maximum number of concurrent FTP connections. Set this to cover the anticipated number of concurrent users. By default this is 30, since each connection creates a system process and allowing too many (thousands) could constitute a DoS attack. |
Turn on delay engine to prevent timing attacks |
This inserts small delays during authentication to fool attempts at user name guessing via timing measurements. Turning this on will improve security. |
Default login root |
The default FTP login location that can be set so that all FTP users have a default FTP directory.
|
User home directories |
The location of FTP user home directories, relative to the default login root.
Leave this property empty to disable FTP user home directories and have all users log in to the default login location. |
Logging level |
The verbosity of the |
Permissions to mask from newly created files and directories |
File permissions to remove when files are created. Group and world write are masked by default, to prevent recent uploads from being writable by everyone. |
The following tables describes the FTP security properties.
Table 3-8 FTP Security Properties
Property | Description |
---|---|
Enable SSL/TLS |
Allow SSL/TLS encrypted FTP connections. This will ensure that the FTP transaction is encrypted. The default is disabled. |
SSL/TLS versions and ciphers |
SSL/TLS protocol versions and ciphers for FTP connections. The defaults are TLSv1.1, TLSv1.2 and their associated ciphers. TLSv1.0 is not enabled by default due to security concerns, but it can be enabled for backward compatibility. The list of available ciphers changes based on the selected versions. Some selected SSL/TLS protocol versions and/or ciphers are removed after a software upgrade if they are no longer supported. To avoid service unavailability, keep the default settings unless otherwise needed or as instructed by Oracle Support. |
Port for incoming SSL/TLS connections |
The port that the SSL/TLS encrypted FTP service listens on. The default is 21. |
Permit root login |
Allow FTP logins for the root user. This is off by default, since FTP authentication is plain text which poses a security risk from network sniffing attack. |
Maximum # of allowable login attempts |
The number of failed login attempts before an FTP connection is disconnected, and the user must reconnect to try again. The default is 3. |
Permit foreign data connection addresses |
Permits foreign FTP connections to enable direct transfer of files between FTP servers. This property is off by default. |
Related Topics