Board index Solaris

Solaris ftp v Pro-ftp v WU-ftp

Solaris ftp v Pro-ftp v WU-ftp

Post by Doc Sawbone » Fri, 01 Sep 2000 14:15:15



One-year newbie Solaris admin here. (And four yrs Linux experience extra,
does
that count extra credit?)

Management thinks they want an internet ftp server for the company.
Whatever,
they're mgt, and 'I serve at their pleasure'.. and paycheck. My questions:

1). why use a package like ProFTP or WU-ftp, instead of Solaris 2.6 ftp,
which
seems to me easy enough to use and cfg? (I'd ask them why, but that'd be
interpreted
as 'a bad thing'.)
2). which FTP is 'better'? I've heard of WU-ftp security holes, but am not
familiar
with Pro-FTP problems.
3). is there a better way to go?

I'm guessing this is for external customer browser convenience, which will
make me
RTFMs soon enough, yet any other comments, suggestions, or insights would be
appreciated. Thank you.

-fgz
(name alias and bogus email adrs to protect the guilty.)

 
 
 
Top

Solaris ftp v Pro-ftp v WU-ftp

Post by Timothy J. L » Fri, 01 Sep 2000 14:42:24




>Management thinks they want an internet ftp server for the company.
>Whatever,
>they're mgt, and 'I serve at their pleasure'.. and paycheck. My questions:

>1). why use a package like ProFTP or WU-ftp, instead of Solaris 2.6 ftp,
>which
>seems to me easy enough to use and cfg? (I'd ask them why, but that'd be
>interpreted
>as 'a bad thing'.)

They may have more logging options or more capabilities which can
be of use if you are allowing uploads (e.g. uploaded files can be
made not readable for downloading in order to prevent an ftp server
from being used as a trading post for unauthorized copies of copyrighted
software).  The downside is more complexity, which can mean more
places for security bugs to hide.

If you only need anonymous read-only ftp, there are some ftp servers
like publicfile at http://cr.yp.to that may be of interest from a
security standpoint.

Of course, any computer exposed to the outside world needs added
security, since Solaris defaults are mostly appropriate for a
friendly local network.  Turning off unneeded network services and
unneeded setuid bits, installing security patches, and installing
a local firewall like IP Filter or SunScreen Lite are among the things
to consider.

--
------------------------------------------------------------------------
Timothy J. Lee
Unsolicited bulk or commercial email is not welcome.
No warranty of any kind is provided with this message.

 
 
 
Top

Solaris ftp v Pro-ftp v WU-ftp

Post by Martin Hepwort » Fri, 01 Sep 2000 17:30:48



> One-year newbie Solaris admin here. (And four yrs Linux experience extra,
> does
> that count extra credit?)

> Management thinks they want an internet ftp server for the company.
> Whatever,
> they're mgt, and 'I serve at their pleasure'.. and paycheck. My questions:

> 1). why use a package like ProFTP or WU-ftp, instead of Solaris 2.6 ftp,
> which
> seems to me easy enough to use and cfg? (I'd ask them why, but that'd be
> interpreted
> as 'a bad thing'.)
> 2). which FTP is 'better'? I've heard of WU-ftp security holes, but am not
> familiar
> with Pro-FTP problems.
> 3). is there a better way to go?

> I'm guessing this is for external customer browser convenience, which will
> make me
> RTFMs soon enough, yet any other comments, suggestions, or insights would be
> appreciated. Thank you.

> -fgz
> (name alias and bogus email adrs to protect the guilty.)

Hi

depends what you want -

wu-ftpd has great logging (audit) features as well as chroot for 'real'
users, but its relative;y difficult to setup. (yes its has a history of
insecurity, but they are always closed quickly).

pro-ftpd has a nice easy setup, chroot for real or virtual users, but
also suffers from holes - again fised quickly

solaris ftpd - very few features, non-annoymous chroot is possible
(just, but very klunky to setup), hardly any logging (auditing).

The world's busiest ftp site (ftp.cdrom.com) runns off a modified
wu-ftpd. But I prefer pro-ftpd as its easier to setup.

Martin

 
 
 
Top

Solaris ftp v Pro-ftp v WU-ftp

Post by Philip Bro » Sat, 02 Sep 2000 06:17:10



>One-year newbie Solaris admin here. (And four yrs Linux experience extra,
>does
>that count extra credit?)

>Management thinks they want an internet ftp server for the company.
>Whatever,
>they're mgt, and 'I serve at their pleasure'.. and paycheck. My questions:

>1). why use a package like ProFTP or WU-ftp, instead of Solaris 2.6 ftp,
>...

you havent stated the requirements.
If there are no requirements beyond "an ftp server", then there's no reason
to install any third party server.

--
[Trim the no-bots from my address to reply to me by email!]
[ Do NOT email-CC me on posts. Pick one or the other.]

The word of the day is mispergitude

 
 
 
Top

1. WU-FTP and restricted FTP accounts

Hi,

 We are using the Limited edition of WU-FTP.  I have creted a restricted
FTP account and placed a static copy of ls in /bin in the chroot'ed
directory. When I FTP into the restricted account, I cannot see any of
the files and subdirectories, although since I know their names, I can
cd to them.  Does anyone know how to solve this problem?

Thanks,
Andy

2. apache rebuild from ports

3. How to prevent anonymous ftp w/wu-ftp

4. pre-R5 boot floppy

5. Virtual FTP Sites with wu-ftp

6. crashes

7. chroot FTP with wu-ftp beta-13

8. How to deal with the blocked signal

9. configuring virtual ftp (wu-ftp)

10. Which ftp server wu-ftp or proftpd?

11. ange-ftp has trouble retrieving directory contents from wu-ftp on RedHat system

12. ftp or wu-ftp

13. help: running ftp server with wu-ftp


All times are UTC
Board index