[lug] FTP server preferences
Peter Hutnick
peter at fpcc.net
Tue Feb 19 12:18:22 MST 2002
On Tuesday 19 February 2002 10:39 am, Elyse Grasso wrote:
> I need to set up an ftp server on one of our machines. Which of the ftp
> servers shipped with current RedHat/KRUD systems is 1) least vulnerable to
> security problems and 2) easiest to set up and administer? Is there a good
> discussion of the tradeoffs between the various servers somewhere?
>
> Thanks
After my RedHat system was owned I switched to ProFTPD. Nice. Apache-style
config. Configurable beyond your wildest dreams.
I also highly recommend running anon only ftp. If you need "real user" stuff
use SCP or SFTP (both available in the OpenSSH package). This allows you to
run the FTP daemon as a user that only has enough privs to read the FTP
directories (and write upload if you have it) and execute the ProFTPD built
in commands. IOW, what would be a remote root on WU-FTP is an unprivileged
not-quite-a-shell on ProFTPD. (Which brings us to a whole other discussion
about local exploits . . .)
Anyway, fast, reliable, as secure as FTP gets. To me ProFTPD is the only way
to go.
Good Luck,
Peter
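
An added example, not part of Peter's message and not taken from the ProFTPD distribution: a proftpd.conf for the anonymous-only setup the message describes. The account names (nobody, ftp), the ~ftp root and the uploads/ directory are assumptions to adjust to the local system.

```apache
# Added example: anonymous-only ProFTPD. Account names and paths are assumptions.
ServerName      "Anonymous FTP"
ServerType      standalone
DefaultServer   on
Port            21
Umask           022
MaxInstances    30

# The master process starts as root to bind port 21; sessions then run
# as this unprivileged account (assumed to exist on the host).
User            nobody
Group           nobody

# Refuse every login at the server level, so no system account can
# authenticate over FTP. "Real user" transfers go through SCP/SFTP.
<Limit LOGIN>
  DenyAll
</Limit>

<Anonymous ~ftp>
  # Sessions are chrooted to ~ftp and run as the ftp account,
  # which only needs read access to the published tree.
  User          ftp
  Group         ftp
  UserAlias     anonymous ftp
  RequireValidShell off
  MaxClients    10

  # Re-enable logins inside the anonymous context only.
  <Limit LOGIN>
    AllowAll
  </Limit>

  # Read-only everywhere by default.
  <Limit WRITE>
    DenyAll
  </Limit>

  # Optional write-only drop box: files can be stored but not read
  # back, so the server cannot be used to redistribute uploads.
  <Directory uploads/*>
    <Limit READ>
      DenyAll
    </Limit>
    <Limit STOR>
      AllowAll
    </Limit>
  </Directory>
</Anonymous>
```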