28 Nov
2001
28 Nov
'01
22:53
Agreed Kurt, HTTP is a much nicer protocal anyway and if i REALLY have to use plain FTP then its the OpenBSD daemon. BTW: an excellent doc Adam On Thu, 29 Nov 2001, Kurt Seifried wrote:
None of the existing FTP servers with the exceptions of VSFTPD, and maybe OpenBSD's FTPD are even remotely classifiable as "hardened". ProFTPD is a huge mess. Every single effort at a UNIX/Windows ftp server I have ever seen is a disaster. The FTP protocol itself is a disaster, for clients and servers:
http://www.seifried.org/security/network/20010926-ftp-protocol.html
All in all it's just horrible. For bulk transfers consider apache + wget, for users ssh scp/sftp or https.
-Kurt