Anonymous (Guest) Access


Note: Many topics at this site are reduced versions of the text in "The Encyclopedia of Networking and Telecommunications." Search results will not be as extensive as a search of the book's CD-ROM.

Many computer systems and network servers provide what is called "anonymous" or "guest" access. An account is set up with the name anonymous or guest. Multiple users can log in to the account at the same time. Typically, an anonymous account does not require a password, although users are sometimes asked to type a username. The anonymous/guest account user usually has very restricted access to the system and is often only allowed to access special public files. Such accounts are used on FTP (called Anonymous FTP) and Web servers on the Internet (and intranets). The accounts are also used for kiosk information systems in public areas or in organizations that make computers available to employees who need to look up information such as pension fund data or archival data.

Two Internet RFCs of interest are RFC 1635 (How to Use Anonymous FTP, May 1994) and RFC 2245 (Anonymous SASL Mechanism, November 1997).

Internet RFC 2245 explains anonymous servers and provides some guidelines for managing them.

Anonymous accounts should only have read access rights to limit attacks on the system. Any user requiring write access should be required to log in under a specific user account with a secure password.

Anonymous or guest access accounts should be disabled by default in most operating systems unless the system administrator has specific reasons to use them.

Anonymous accounts may provide what is called a "drop-box" feature, in which a user is allowed to submit a file to a server but is not allowed read or execute access to the drop-box folder. This prevents users from submitting and running executable programs that could damage the server.
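
The drop-box rule above, as an added example that is not part of the original entry: a Python audit of a drop-box directory on a POSIX file system, assuming the anonymous account falls in the "other" permission class. The directory name and sample upload are constructed; because a POSIX directory's execute bit means "search" and is needed to submit a file, the execute check is applied to the submitted files instead.

```python
import os
import stat
import tempfile

def audit_dropbox(path):
    """Return findings for a drop-box directory used by an anonymous account.

    Assumption: the anonymous account maps to the POSIX "other" class.
    """
    mode = os.stat(path).st_mode
    if not stat.S_ISDIR(mode):
        return [f"{path}: not a directory"]
    findings = []
    # Submitting a file needs write + search (x) on the directory itself.
    if not (mode & stat.S_IWOTH and mode & stat.S_IXOTH):
        findings.append("directory: anonymous users cannot submit files")
    # Read on the directory lets anyone list what others have submitted.
    if mode & stat.S_IROTH:
        findings.append("directory: listing is allowed (read bit set)")
    for name in sorted(os.listdir(path)):
        fmode = os.lstat(os.path.join(path, name)).st_mode
        # Submitted files must not be readable back or runnable.
        if fmode & stat.S_IROTH:
            findings.append(f"{name}: readable by anonymous users")
        if fmode & (stat.S_IXUSR | stat.S_IXGRP | stat.S_IXOTH):
            findings.append(f"{name}: execute bit set")
    return findings

def demo():
    """Build a constructed drop-box and audit it weak, then hardened."""
    with tempfile.TemporaryDirectory() as root:
        box = os.path.join(root, "incoming")      # constructed path
        os.mkdir(box)
        upload = os.path.join(box, "upload.bin")  # constructed sample upload
        with open(upload, "wb") as fh:
            fh.write(b"constructed sample upload")
        os.chmod(box, 0o777)     # weak: anyone can list the drop-box
        os.chmod(upload, 0o755)  # weak: readable and executable
        weak = audit_dropbox(box)
        os.chmod(box, 0o733)     # hardened: write + search only for others
        os.chmod(upload, 0o600)  # hardened: owner-only, not executable
        hardened = audit_dropbox(box)
    return weak, hardened

if __name__ == "__main__":
    for label, result in zip(("weak", "hardened"), demo()):
        print(label, result)
```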

Many Web sites allow access to anonymous accounts only after users have supplied additional information, such as their e-mail address. This information can be used to track the user later. Cookies are also used to track users. Note that trace information is easily faked by the client, so the authenticity of this information should always be questioned. This is especially important when messages and other information received by clients are posted for others to read.

Anonymous servers are susceptible to attacks. An anonymous user could instigate a "denial-of-service" attack on a server that does not have an idle time-out and that limits the number of anonymous users. The user could simply tie up the server by logging on multiple times (up to the user limit) and keeping the connection open.




Copyright (c) 2001 Tom Sheldon and Big Sur Multimedia.
All rights reserved under Pan American and International copyright conventions.