[fw-wiz] Re: OT: FTP Servers
To: <email@example.com> Date: Sat, 7 Jun 2003 09:26:17 -0500 (CDT)
Most good answers begin with "It depends...", but if you are looking for
If you need to provide simplistic _read-only_ access to files/data:
Supports secure and simple FTP and HTTP, there are trade-offs when you
simplify ubiquious access protocols, because the original implementors did
not have the same depth of knowledge/experience of what is known today...
publicfile is IMHO a good mix of trade-offs, others will feel otherwise.
When using publicfile to serve content other than the default MIME types,
you may have to add the missing type by editing the MIME list in the
source code and recompiling. This is not a big deal, as you will most
likely have to compile it anyway. I expect that this will not always be
the case, as there appears to be a planned mechanism for doing this
without source code alteration, but I have not been successful at making
it work as yet (several months ago was the last try).
I agree with Paul, that using a general purpose FTP server for write
access should be avoided by the truly paranoid and pro-active.
SSH/SFTP/SCP is a better alternative, but again depends on what is being
done, and who hast to use it. Perhaps a combination of SSH/SFTP/SCP and
publicfile would be acceptable for your target audience. My preference is
for best-of-breed tools, where it makes sense.
Depending on what your requirements are, you might consider a firewall
protected FTP server. FTP is very difficult to secure, and this is a
challenge for firewall builders/maintainers.
Hope this helps,
> From: Paul Robertson <firstname.lastname@example.org>
> To: John Smith <email@example.com>
> Subject: Re: [fw-wiz] OT: FTP Servers
> On Fri, 6 Jun 2003, John Smith wrote:
> [Because FTP is one of my favorite dead horses...]
> > My question is this: Is WU-FTPD still a good FTP server to use?
> The WU has *never* been a good server to use.
> ... snip ...
> _Try_ *really* hard to use an HTTP server, FTP is a horrible protocol.
> If you can't do that, vsftpd or something like that's bound to be
> better than WU (which sits near the top of my "Historically broken
> software" list.)
firewall-wizards mailing list