protect ftp server against dos-attax

[couzteau]

how can i protect my ftp server against denial of service attax?

it runs on osx 10.1.5

thanx

 

[gatorparrots]

Run from behind a NAT-based firewall/hardware router. Also, set up your ipfw to discard any unnecessary traffic (i.e. leave only open those ports that are essential to provide the intended service). Discard all other packets out-of-hand. This should eliminate any unnecessary and potentially service-degrading traffic.

 

[couzteau]

sorry, i should have been more precise.

my ftp-server is behind a firewall, which only allows ftp traffic.

i'm concerned about an attack using ftp-traffic (port 20/21).

is there something i can do?

 

[gatorparrots]

Change ports from the default 20/21. Security through obscurity works wonders for getting off the radar of most worms and port scanners out there.