Firewall Wizards mailing list archives
Re: OT: FTP Servers
From: <llynch () jorsm com>
Date: Sat, 7 Jun 2003 09:26:17 -0500 (CDT)
John, Most good answers begin with "It depends...", but if you are looking for personal prejudices.... If you need to provide simplistic _read-only_ access to files/data: publicfile http://cr.yp.to/publicfile.html Supports secure and simple FTP and HTTP, there are trade-offs when you simplify ubiquious access protocols, because the original implementors did not have the same depth of knowledge/experience of what is known today... publicfile is IMHO a good mix of trade-offs, others will feel otherwise. When using publicfile to serve content other than the default MIME types, you may have to add the missing type by editing the MIME list in the source code and recompiling. This is not a big deal, as you will most likely have to compile it anyway. I expect that this will not always be the case, as there appears to be a planned mechanism for doing this without source code alteration, but I have not been successful at making it work as yet (several months ago was the last try). I agree with Paul, that using a general purpose FTP server for write access should be avoided by the truly paranoid and pro-active. SSH/SFTP/SCP is a better alternative, but again depends on what is being done, and who hast to use it. Perhaps a combination of SSH/SFTP/SCP and publicfile would be acceptable for your target audience. My preference is for best-of-breed tools, where it makes sense. Depending on what your requirements are, you might consider a firewall protected FTP server. FTP is very difficult to secure, and this is a challenge for firewall builders/maintainers. Hope this helps, -Lenard Lynch
From: Paul Robertson <proberts () patriot net> To: John Smith <john.smith () minolta-qms com> Subject: Re: [fw-wiz] OT: FTP Servers On Fri, 6 Jun 2003, John Smith wrote: [Because FTP is one of my favorite dead horses...]My question is this: Is WU-FTPD still a good FTP server to use?The WU has *never* been a good server to use. ... snip ... _Try_ *really* hard to use an HTTP server, FTP is a horrible protocol. If you can't do that, vsftpd or something like that's bound to be better than WU (which sits near the top of my "Historically broken software" list.) Paul
_______________________________________________ firewall-wizards mailing list firewall-wizards () honor icsalabs com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- Re: OT: FTP Servers, (continued)
- Re: OT: FTP Servers Mikael Olsson (Jun 06)
- Re: OT: FTP Servers Frank Knobbe (Jun 06)
- Message not available
- Re: OT: FTP Servers Marcus J. Ranum (Jun 06)
- RE: OT: FTP Servers Bojan Zdrnja (Jun 09)
- Re: OT: FTP Servers Florin Andrei (Jun 11)
- RE: OT: FTP Servers Sloane, David (Jun 06)
- RE: OT: FTP Servers Gwendolynn ferch Elydyr (Jun 06)
- RE: OT: FTP Servers Paul Robertson (Jun 06)
- Message not available
- RE: OT: FTP Servers Marcus J. Ranum (Jun 06)
- Re: OT: FTP Servers Brian Hatch (Jun 08)
- RE: OT: FTP Servers Gwendolynn ferch Elydyr (Jun 06)