Re: OT: FTP Servers

[Mikael Olsson <mikael.olsson () clavister com>]

John Smith wrote:
>     I have been tasked to build a FTP server.  I have selected the OS (a
> Unix variant that I know how to strip down to bare bones).  The last
> time I built a Unix FTP server (roughly five years ago) I used WU-FTPD.
>
>     My question is this: Is WU-FTPD still a good FTP server to use?  

Though there haven't been any publicly announced vulnerabilities
in it for some time, parts of its code still scares me.

>     If WU-FTPD is not a good FTP server to use or there are better (i.e.
> - more secure) servers out there, what would you suggest?  The needs for
> the site are anonymous FTP, potentially some 'real' FTP users, and up to
> 500 simultaneous FTP connections.  And of course the FTP server should
> be free.  :-)

I'd look at vsftpd and pureftpd. They're both manageably small
while still doing everything the average site needs.

I _used_ to think highly of proftpd, but that was before featuritis
struck and the inevitable vulnerabilities followed.  It's still on
the low side of vulnerability counts, but it's falling short of its
initial "very secure" goal.



-- 
Mikael Olsson, Clavister AB
Storgatan 12, Box 393, SE-891 28 ÖRNSKÖLDSVIK, Sweden
Phone: +46 (0)660 29 92 00   Mobile: +46 (0)70 26 222 05
Fax: +46 (0)660 122 50       WWW: http://www.clavister.com
_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards