RE: [fw-wiz] OT: FTP Servers

• Previous message: Mikael Olsson: "Re: [fw-wiz] Where do firewall Admins Sit in An Company"
• Maybe in reply to: John Smith: "[fw-wiz] OT: FTP Servers"
• Next in thread: Gwendolynn ferch Elydyr: "RE: [fw-wiz] OT: FTP Servers"
• Reply: Gwendolynn ferch Elydyr: "RE: [fw-wiz] OT: FTP Servers"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

To: firewall-wizards@honor.icsalabs.com, john.smith@minolta-qms.com
Date: Fri, 6 Jun 2003 16:44:57 -0400

First, I don't know if WU-FTPD is still a good server or not.

I've had good luck setting up vsftpd on linux recently.

See http://vsftpd.beasts.org

The author is a bit... enthusiastic about his project, but don't be put off
by the unusual exuberance.

The documentation is good but a little scattered - the man pages are the
most complete reference.

Security and performance seem to be the twin goals of the server and I've
found that it performs well. My (public-facing) ftp site doesn't get a lot
of traffic, so I can't say "It's really secure" with any conviction.

I've found it integrates well with PAM security on Red Hat 9. If you're
making a dedicated ftp server, this integration is quite useful. For
example, you can set system-wide password-aging and disk quotas, which will
then apply to all of your ftp users. You can chroot local users
(chroot_local_user=YES in the vsftpd.conf file) so that each user sees her
home directory as the ftp server root (forgive me if this is obvious to you
*nix wizards). It's good stuff.

Version 1.2.0 of vsftpd just came out, but I'm still running 1.1.3 in
production till I have time to test the new build.

Good luck.

-David

-----Original Message-----
From: John Smith [mailto:john.smith@minolta-qms.com]
Sent: Friday, June 06, 2003 2:51 PM
To: firewall-wizards@honor.icsalabs.com
Cc: john.smith@minolta-qms.com
Subject: [fw-wiz] OT: FTP Servers

All,

    I have been tasked to build a FTP server. I have selected the OS (a
Unix variant that I know how to strip down to bare bones). The last
time I built a Unix FTP server (roughly five years ago) I used WU-FTPD.

    My question is this: Is WU-FTPD still a good FTP server to use? The
pros are I am experienced with it and it works very well in
installations I have done. The (potential) con is the fact that there
hasn't been a new release of the code since 11/2001 (2.6.2). I haven't
seen new exploits for it, so I don't know if the code is that stable or
if it isn't being maintained anymore. The home page (www.wu-ftpd.org)
was last updated 2/18/2003.

    If WU-FTPD is not a good FTP server to use or there are better (i.e.
- more secure) servers out there, what would you suggest? The needs for
the site are anonymous FTP, potentially some 'real' FTP users, and up to
500 simultaneous FTP connections. And of course the FTP server should
be free. :-)

    Thank you.

John

_______________________________________________
firewall-wizards mailing list
firewall-wizards@honor.icsalabs.com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
_______________________________________________
firewall-wizards mailing list
firewall-wizards@honor.icsalabs.com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards

• Previous message: Mikael Olsson: "Re: [fw-wiz] Where do firewall Admins Sit in An Company"
• Maybe in reply to: John Smith: "[fw-wiz] OT: FTP Servers"
• Next in thread: Gwendolynn ferch Elydyr: "RE: [fw-wiz] OT: FTP Servers"
• Reply: Gwendolynn ferch Elydyr: "RE: [fw-wiz] OT: FTP Servers"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]