On Wednesday 14 July 2004 02:12 am, Tom Knight wrote: > Okay, FTP server of choice - Hakim's document mentions using proftpD. > Is this really more secure than all the mainstrain alternatives? > I've gone (where possible) for RPMs maintained by SuSE, and proftp > isn't one of them. On SLES, the choice appears to be: > ?pure-ftpd?1.0.12 ?Lightweight, fast and secure FTP server > ?vsftpd ?1.1.0 ?A Very Secure FTP Daemon - written from scratch. You'd be better off with Samba, IMHO. But as far as ProFTPD there were a couple of security flaw in a row and that was enough to freak SuSE, and it stopped being offered after 8.2. Pure-FPTd is offered, (and it just had a security flaw, so no doubt SuSE will bolt from that one too ;-) Profptd's big advantage is flexibility of configurations, with a syntax for setting directories and permissions similar to a web server, it makes offering disjoint portions of the file system easier. I like it, I use it, but on my 9.x machines I'm going with what SuSE offers, just because security issues are taken care of in one place. -- _____________________________________ John Andersen
Attachment:
pgpPndcFlBApy.pgp
Description: signature