This is part of The Pile, a partial archive of some open source mailing lists and newsgroups.
Date: Mon, 25 Jun 2001 21:08:07 -0700 To: svlug@lists.svlug.org Subject: Re: [svlug] /etc/hosts.deny tcpd problems From: Rick Moen <rick@linuxmafia.com> begin Dagmar d'Surreal quotation: > Yup. That's why I said I've just flatly given up on trying to run an > ftpd. Writing off all 28 ftp daemons for Linux, just because the two most bloated and squirrely ones have horrid security histories, seems a trifle hasty. May I direct your attention to: http://linuxmafia.com/pub/linux/security/ftp-daemons Note in particular Pure-ftpd, vs-ftpd, and oftpd. > Anything I need to distro to users without authentication just gets > chucked into the web server's domain. What you lose by not offering also a good, fast, secure, anonymous-only ftpd was discussed to death on this list, before you joined. (I'm loathe to repeat it.) Not a big deal, but enough that I run oftpd alongside my Web server. ===