[lug] FTP server preferences
Sean Reifschneider
jafo at tummy.com
Tue Feb 19 11:36:21 MST 2002
On Tue, Feb 19, 2002 at 10:47:03AM -0700, D. Stimits wrote:
>I know of one Linux ISP style business owner who swears by ProFTP for
>security, and has a lot of bad remarks against wu-ftp. I can't
ProFTPd gets bad marks from me in the security department because they had
a remotely exploitable issue which sat in their CVS for like 6 months
before they made a new release to fix it. Ugh. That said, I like ProFTPd
because of it's whole pile of features.
wu-ftpd has a very bad track record on security.
If you are looking for an anonymous FTP server, I'd recommend one of DJB's
alternatives such as "anonftpd" or "publicfile". Both of which are written
entirely to be secure. Also, his page on this reviews the security history
of several other FTP servers, a few of which he gives high marks to.
Sean
--
"When I nod my head, hit it."
Sean Reifschneider, Inimitably Superfluous <jafo at tummy.com>
tummy.com - Linux Consulting since 1995. Qmail, KRUD, Firewalls, Python
More information about the LUG
mailing list