Securing FTP/iX
# Commands are logged in FTPLOG##.ARPA.SYS where, ## ranges from 00-99.
# Syntax:
# Log_commands = {ON/OFF}
# Log_transfers = {ON/OFF}
Log_commands = On
Log_transfers = ON
6.3.5
Specific configuration rules for Log Commands and Log Transfers
ü
The default setting for each of these options is "OFF", thus logging of commands and file transfers is
disabled.
Note:
ü
The FTPLOG##.ARPA.SYS file is automatically built by the FTP/iX Client or server.
ü The limit on the number of records before a log file is automatically switched is 65500.
ü Fields in the log are “:” delimited to support importing of the log to spreadsheet applications
ü The date/time stamps are from the system on which the logging is done, and are not of the remote system.
ü
Any changes to this file will get reflected in the next FTP logon session.
The format of a command log is:
yyyy/mm/dd:hh.mm.ss:#J/#S:jobname,user.account:ip.ip.ip.ip:C/S:FTP Command
where:
l
yyyy/mm/dd:hh.mm.ss = Date/Time Stamp of the command
l #J/#S = The MPE Job/Session number
l jobname,user.account = MPE logon
l ip.ip.ip.ip = IP address of the remote system
l C/S = FTP Client or FTP server that is performing the logging
l
FTP Command = FTP internal client/server command.
The format of a transfer log is:
yyyy/mm/dd:hh.mm.ss:#J/#S:jobname,user.account:ip.ip.ip.ip:C/S:FTPCommands:I/O:I/A/B:bytes_received:seconds:Kbytes/sec
where:
l yyyy/mm/dd:hh.mm.ss = Date and Time Stamp of the transfer
l #J/#S = The MPE/iX Job/Session number
l jobname,user.account = MPE logon
l
ip.ip.ip.ip = IP address of the remote system
l
C/S = FTP client or FTP server that is performing the logging
l FTP Commands = Shortened FTP internal client/server file transfer command.
l I/O = Transfer request is Inbound or Outbound
l I/A/B = Transfer Mode = Image (binary), ASCII, Byte Stream
l bytes_received = Bytes received for entire file transfer
Page
17
of
28
Secure FTP on MPE/iX
7/18/2008
http://jazz.external.hp.com/papers/Securing
-
FTP
-
Whitepaper.html