From owner-freebsd-security Wed Jan 24 9:29:19 2001 Delivered-To: freebsd-security@freebsd.org Received: from tmd.df.ru (cr219023-a.rchrd1.on.wave.home.com [24.43.203.140]) by hub.freebsd.org (Postfix) with ESMTP id C3F8E37B400 for ; Wed, 24 Jan 2001 09:28:57 -0800 (PST) Received: (from tmd@localhost) by tmd.df.ru (8.11.1/8.11.1) id f0OHbw397620; Wed, 24 Jan 2001 12:37:58 -0500 (EST) (envelope-from tmd) Date: Wed, 24 Jan 2001 12:37:57 -0500 From: Vlad To: Artem Koutchine Cc: freebsd-security@freebsd.org Subject: Re: Which is the most secure and reliable ftp daemon Message-ID: <20010124123757.B97354@tmd.df.ru> Mail-Followup-To: Vlad , Artem Koutchine , freebsd-security@freebsd.org References: <000901c08629$c674d320$0c00a8c0@ipform.ru> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <000901c08629$c674d320$0c00a8c0@ipform.ru>; from matrix@ipform.ru on Wed, Jan 24, 2001 at 08:19:06PM +0300 X-Operating-System: FreeBSD 4.2-STABLE Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Wed, Jan 24, 2001 at 08:19:06PM +0300, Artem Koutchine (matrix@ipform.ru) wrote: > Hello! > > I just audited my system for security and it came up that i am > running inetd ONLY because ftp daemon is needed. > > I know that thare are many good ftp daemons, but since > i never tested any of them in real production environment > i don't know which to pick. > > Please, share your experience with different ftp daemons. > I need something very reliable, secure and configurable. > Currently i am thinking about wu-ftpd and proftpd, but both > of them have history of security flaws. > > If i find, i could finaly turn off inetd and save myself some > RAM and maybe even tighten security. > > Regards, > Artem It is impossible to state that a certain daemon is the most secure one - all depends on the way you configure it and the level of security of your whole system. Personally, I prefer PROFTPD (as most people do) over other alternatives, particularly because of its fexible configuration. If you are planning to run anonymous ftp, then proftpd is definitely your choice. If not, you might consider FBSD's ftpd, which is rather good (if you chroot users in their directories/etc). Hope that helps. - -- tmd To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message