Subject: Re: Proftp 1.2.0pre6
From: Rich Lafferty (rich@alcor.concordia.ca)
Date: Tue Sep 21 1999 - 20:10:11 MDT
Quoting Benjamin Karas (bjk4@po.cwru.edu) from Tue, Sep 21, 1999 at 09:37:55PM -0400:
> Given that Proftp and wuftp, two of the more common ftp servers around
> right now, both have bugs and exploits running around, what kind of ftp
> server do you suggest I run. I don't want to play catchup with the bug
> lists forever.
If you don't need anonymous ftp, I'd recommend the 'stock' ftpd; I
don't know if there's an RPM for it, but it's an easy build. (It's
the openbsd ftpd.)
If you do need anonftp, then Dan Bernstein (of Qmail fame) has an
anon-only ftp daemon which is a textbook example of security by
simplicity.
I don't have URLs handy, but I posted both about a week ago when the
ProFTPD rpms were released, so it'll be in the archive.
-r.
-- ------------------------------ Rich Lafferty --------------------------- Sysadmin/Programmer, Information and Instructional Technology Services Concordia University, Montreal, QC (514) 848-7625 ------------------------- rich@alcor.concordia.ca ----------------------
This archive was generated by hypermail 2a24 : Fri Oct 01 1999 - 16:13:44 MDT