OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
 
From: Karsten W. Rohrbach (karstenrohrbach.de)
Date: Thu Jul 19 2001 - 09:20:49 CDT

  • Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

    Nuno Teixeira(nuno.mailinglistspt-quorum.com)2001.07.18 22:51:21 +0000:
    > Hello to all,
    >
    > 1.
    > The ftpd FreeBSD distribution is FTP verion 6.00 LS.

    ...the standard FreeBSD ftpd

    >
    > I noted that ftp.freebsd.org uses an FTP version DG-4.1.73

    ...the dgroot.com "it's-powerful-but-i-won't-give-the-source-away" ftpd
    with several nice features -- it's tiny, it uses all sorts of
    optimizations towards the os, it satisfies a lot of simultaneous
    sessions, you wield the "powered by dg software" sign when you use it
    ;-)

    >
    > What the differences between the two ftpds?

    6.00LS comes with your system
    dgftpd is commercial software i think

    > 2.
    > (I don't want to start a flame war)
    >
    > What of this 2 ftpd programs (FTPd FreeBSD dist. and ProFTPd) is more
    > secure?

    i would not consider proftpd to be more secure than the freebsd ftpd.
    proftpd is much too fancy, it suffers some feature-o-mania coding
    approach, it is complex, thus error-prone. proftpd is not dgftpd.

    i personally like lukemftpd, but that's just my preference. it lacks
    decent logging to files, just syslog (at least the version i use).

    > Or, what FTPd program should I use to obtain maximum security?

    none ;-)
    no, honestly, i would stick with the freebsd ftpd or lukemftpd in this
    case. do you need fancy features? ratio? strange process limiting
    abilities that act funky? you should use a KISS designed ftpd to get
    improved security and, if possible, just leave it away in case your do
    not really need it (scp/rsync over ssh is your friend)

    /k 

    -- 
> Life is a sexually transmitted disease.
KR433/KR11-RIPE -- WebMonster Community Founder -- nGENn GmbH Senior Techie
http://www.webmonster.de/ -- ftp://ftp.webmonster.de/ -- http://www.ngenn.net/
karsten&rohrbach.de -- alpha&ngenn.net -- alpha&scene.org -- catchspam.de
GnuPG 0x2964BF46 2001-03-15 42F9 9FFF 50D4 2F38 DBEE  DF22 3340 4F4E 2964 BF46
Please do not remove my address from To: and Cc: fields in mailing lists. 10x

    -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (FreeBSD) Comment: For info see http://www.gnupg.org

    iD8DBQE7VuzBM0BPTilkv0YRAtEjAJ9qGW/+BpiqE74HHqupcNTr1zH5wgCcCU2U AgHjnycRUKCVKAlJy5JNPsk= =zWon -----END PGP SIGNATURE-----

    To Unsubscribe: send mail to majordomoFreeBSD.org with "unsubscribe freebsd-security" in the body of the message