Best Practices for Security on RIO Systems: Disable Real-Time FTP Server

Publish Date: Oct 18, 2011 | 2 Ratings | 3.00 out of 5 | Print | Submit your review

Overview

This article discusses methods for disabling the unsecured Real-Time FTP server on RIO devices. By default, the FTP server is turned on, posing a vulnerability for systems which need to be securely deployed. This article is a part of the Best Practices for Security on RIO Systems documentation. You can return to the overview for this set documentation at: Overview of Best Practices for Security on RIO Systems.

Table of Contents

  1. Caveats to Disabling the FTP Server
  2. Shutdown RT FTP Server VI
  3. Edit the ftpserve Filename

1. Caveats to Disabling the FTP Server

While disabling the open FTP server imparts security benefits to deployed RIO systems, there are a few caveats:

  1. When the FTP server is disabled, it will not be possible to add or remove software from the RIO device. This functionality relies on the open FTP server, and will not work if the FTP server is disabled. 
  2. It will still be possible to deploy code (.vi) and Real-Time Executable (.rtexe) files to the device when the FTP server is disabled.
  3. The FTP server will always be active when the RIO device is booted into Safe Mode. 
  4. The file browser built into the Web Configuration and Monitoring Tool will function when the FTP server is disabled. This provides a means to access the filesystem on the RIO device to edit, upload, or download files over HTTP or HTTPS. Managing the Web Configuration and Monitoring Tool securely is discussed in the Best Practices for Security on RIO Systems: Part 1 Recommended article.

Back to Top

2. Shutdown RT FTP Server VI

A simple, easy, and recommended option for disabling the RT FTP server is to use the Shutdown RT FTP Server VI provided at the bottom of this article. This VI simply needs to be placed in the initialization portion of the top-level Real-Time VI. The Shutdown RT FTP Server VI will disable the open FTP server on the Real-Time RIO Device. The VI is supported on all current Real-Time operating systems: VxWorks and PharLap. 

After using the Shutdown RT FTP Server VI to disable the FTP server, in order to reactivate the FTP server, simply reboot the RIO device. Both a software reboot, via Measurement and Automation Explorer (MAX) or the Web Configuration and Monitoring Tool, or a hard reboot, via pressing the reset button or power cycling the RIO device will enable the FTP server. If a connection to the disabled FTP server is attempted, the following message will be presented to the user:

Figure 1: Message presented when attempting to connected to a disabled FTP server

Using the Shutdown RT FTP Server VI, the FTP server can be disabled while the Real-Time application is running, and can be easily enabled for software upgrades etc. 

Back to Top

3. Edit the ftpserve Filename

An alternative to the Shutdown RT FTP Server VI is to rename the ftpserve file. This method is NOT recommended for use, and is presented only to provide a better understanding of the FTP functionality on Real-Time.  Also, this option doesn't work for LabVIEW Real-Time 6.1 or earlier, as the server library is built into the core operating system. The ftpserve file provides RIO devices and other Real-Time controllers with the open FTP server functionality. This file has different extensions based on the operating system on the Real-Time controller.

  • On PharLap systems, the filename is: /ni-rt/system/ftpserve.dll
  • On VxWorks systems, the filename is: /ni-rt/system/ftpserve.out

The following article contains more information about the operating system running on various Real-Time targets including RIO devices: What Operating System is my Real-Time Controller Running and Why?

By renaming the ftpserve file, for example, to ftpserve_disable.dll or ftpserve_disable.out depending on the operating system, the start FTP server can be disabled. This prevents the FTP server from running after the controller reboots under normal operation. Using this method, the filename must be changed back to 'fpserve' for the FTP server to start when the controller reboots. The change to the filename can be made programmatically or through the filesystem browser built into the Web Configuration and Monitoring Tool. 

Figure 2: Accessing and editing the ftpserve filename on the Real-Time filesystem

Note that with both methods, the FTP server will still start be reactivated if the RIO device is booted into Safe Mode. Based on the challenge of remembering to rename the ftpserve file, the Shutdown RT FTP Server VI is the recommended method for managing the open FTP server.  

Back to Top

Bookmark & Share


Downloads


Ratings

Rate this document

Answered Your Question?
Yes No

Submit