Firewall Wizards mailing list archives

Re: OT: FTP Servers

From: <llynch () jorsm com>
Date: Sat, 7 Jun 2003 09:26:17 -0500 (CDT)

John,

Most good answers begin with "It depends...", but if you are looking for
personal prejudices....

If you need to provide simplistic _read-only_ access to files/data:

  publicfile       http://cr.yp.to/publicfile.html

Supports secure and simple FTP and HTTP, there are trade-offs when you
simplify ubiquious access protocols, because the original implementors did
not have the same depth of knowledge/experience of what is known today...
publicfile is IMHO a good mix of trade-offs, others will feel otherwise.

When using publicfile to serve content other than the default MIME types,
you may have to add the missing type by editing the MIME list in the
source code and recompiling.  This is not a big deal, as you will most
likely have to compile it anyway.  I expect that this will not always be
the case, as there appears to be a planned mechanism for doing this
without source code alteration, but I have not been successful at making
it work as yet (several months ago was the last try).

I agree with Paul, that using a general purpose FTP server for write
access should be avoided by the truly paranoid and pro-active. 
SSH/SFTP/SCP is a better alternative, but again depends on what is being
done, and who hast to use it.  Perhaps a combination of SSH/SFTP/SCP and
publicfile would be acceptable for your target audience.  My preference is
for best-of-breed tools, where it makes sense.

Depending on what your requirements are, you might consider a firewall
protected FTP server.  FTP is very difficult to secure, and this is a
challenge for firewall builders/maintainers.

Hope this helps,

-Lenard Lynch

From: Paul Robertson <proberts () patriot net>
To: John Smith <john.smith () minolta-qms com>
Subject: Re: [fw-wiz] OT: FTP Servers

On Fri, 6 Jun 2003, John Smith wrote:

[Because FTP is one of my favorite dead horses...]

    My question is this: Is WU-FTPD still a good FTP server to use?


The WU has *never* been a good server to use.
... snip ...

_Try_ *really* hard to use an HTTP server, FTP is a horrible protocol.
If you can't do that, vsftpd or something like that's bound to be
better than WU (which sits near the top of my "Historically broken
software" list.)

Paul




_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards

Current thread:

Re: OT: FTP Servers, (continued)
- Re: OT: FTP Servers Mikael Olsson (Jun 06)
- Re: OT: FTP Servers Frank Knobbe (Jun 06)
- Message not available
  - Re: OT: FTP Servers Marcus J. Ranum (Jun 06)
- RE: OT: FTP Servers Bojan Zdrnja (Jun 09)
- Re: OT: FTP Servers Florin Andrei (Jun 11)
- RE: OT: FTP Servers Sloane, David (Jun 06)
  - RE: OT: FTP Servers Gwendolynn ferch Elydyr (Jun 06)
    - RE: OT: FTP Servers Paul Robertson (Jun 06)
    - Message not available
    - RE: OT: FTP Servers Marcus J. Ranum (Jun 06)
    - Re: OT: FTP Servers Brian Hatch (Jun 08)
- Re: OT: FTP Servers llynch (Jun 07)