Proftpd is an excellent ftp server.  The config files are straight forward,
it doesn't need to run as root, you can easily to virtual domains, and it
runs as a daemon (not from inetd).

Maybe they've fixed it now, but passive mode was broken for awhile.  This
was quite some time ago, so I'm sure it's fixed by now.  Stay away from
anything based on wu-ftpd's code, it has a long history of security
problems, and must also run as root.

Jay

> -----Original Message-----
> From: duncan [mailto:duncan at sodatrain.com] 
> Sent: Friday, November 02, 2001 10:31 AM
> To: tclug-list at mn-linux.org
> Subject: [TCLUG] FTP Best practices
> 
> 
> Hello-
> 
> Im going to be setting up an FTP server, and am aware that ftp has a 
> history of bad security.
> 
> I have looked around at ftp servers, and pure-ftpd seems to be pretty 
> good... however, im not sure.
> 
> Any one have any best practices or good advice to help ensure decent 
> security on the box?
> 
> SFTP?
> 
> Its a linux box, and folks will be connecting (maybe doenst 
> matter) with 
>   windows.
> 
> thanks
> 
> duncan
> 
> 
> 
> 
> _______________________________________________
> Twin Cities Linux Users Group Mailing List - Minneapolis/St. 
> Paul, Minnesota http://www.mn-linux.org 
> tclug-list at mn-linux.org 
> https://mailman.mn-> linux.org/mailman/listinfo/tclug-list
>