Can I safely shut down FTP ?

dbutch1976

Hello,

I recently took over managing a heavily used SFTP server, however, I am getting grief from my security team because FTP (port 21) is also open and listening on the server. This is only open internally, however, it is still viewed as a security issue and they want it shut down.

Is there a way that I can be certain that no clients are connecting to the SFTP server using regular FTP?
I've searched the logs for anything connecting over pot 21 and I don't see anything.

So, can I safely shut this port down? And if so, can someone direct me to the instructions to do so?

Thanks.

Find more posts tagged with

Accepted answers

All comments

dodster

Really depends on how your MFT system has been set up

Check your main MFT System logs, if you have them,

you may have confirmation of port connections: 'Connected to 10.2.167.3 (local address 10.5.4.103, port 22)'

Otherwise in your MFT domain check your listeners and disable port 21 for whatever time period (Day, week), that way you can quickly enable if needed

Once you determine no longer required delete the listner.

My only other suggestion might be to set up a new domain with the listners you need and set the hostnames to the ones you want to accept ie sftp@yourdomain.com and the port and monitor the old domain for the connections.

donrobert5

If it's used internally, send an email blast for maintenance.