In general users should not connect to a machine using ftp to transfer files since the password is sent in clear text and, in principle, can be captured and used by others. The scp and sftp programs are secure replacements for ftp and should be used where ever possible.
Unless it is not supported on your architecture, please install ssh if it is not already installed (see xxx for information on installing ssh), and disable ftpd. See below for methods for disabling ftpd on various architectures.
The ftp network service is provided through the inetd socket listening daemon service which is common on many Unix like operating systems. Recently, Red Hat, with the release of it's 7.0 Linux distribution, migrated to the use of xinetd, a replacement for inetd. What follows are instructions on how to disable ftp for systems running inetd or xinetd. Also, there is a quick reference list for which systems are running inetd or xinetd.
To disable ftp, edit the file /etc/xinetd.d/wu-ftpd, and set the field labeled disable to yes.
Signal the xinetd daemon to reload its configuration by executing the commands
cd /etc/rc.d/init.d ./xinted reloadFinally, verify that the xinetd reloaded properly by looking at the output of the system log file using the following command.
tail -200 /var/log/messagesIf you don't see messages from xinetd indicating that it has reloaded its configuration, then contact your computer liaison.
To disable ftpd, edit /etc/inetd.conf and comment out the ftpd entry and then refresh inetd. In /etc/inetd.conf there is a line like
ftp stream tcp nowait root /usr/sbin/tcpd in.ftpd -l -awhich you can find by searching for the string ftp. Comment it out by putting the pound character ("#") at the beginning of the line so that the entry looks like
#ftp stream tcp nowait root /usr/sbin/tcpd in.ftpd -l -aSave the file and then send the UP signal to inetd. This can usually be done with the commands
cd /etc/rc.d/init.d ./inet reloadIf your inet rc script does not support "reload", or you cannot find an equivalent file in the /etc/rc* directory, then find the process id using
ps auxw | grep inetd | grep -v grepand send the process the HUP signal using
kill -HUP PIDwhere "PID" in the above is replaced by the actual process ID for inetd (the number returned in the second field of the "ps" command issued above).