Choosing the Right FTP Server

FTP is an old protocol, and numerous implementations of it have sprung up over the years. These servers vary in many details; however, they all serve the same protocol, and they all look very much alike to their users. FTP server options for Linux include the following:

ProFTPd This server, headquartered at http://proftpd.org, is one of the more popular of the very complex FTP servers. It ships with most major Linux distributions. Its configuration file is modeled after that of Apache, and the server supports many advanced features.

vsftpd This server aims to excel at security, stability, and speed. In doing so, its developers have chosen to eschew some of the more advanced features of servers such as ProFTPd and WU-FTPD. If you don't need those features, this tradeoff may be more than acceptable. You can learn more from its website, http://vsftpd.beasts.org. It's available with a growing number of Linux distributions.

WU-FTPD The Washington University FTP Daemon (WU-FTPD) is an old standard in the Linux world. Unfortunately, it's collected more than its fair share of security problems and isn't the speediest FTP server available. For these reasons, it ships with fewer Linux distributions today than in years past. Its main website is http://www.wu-ftpd.org.

BSD FTPD The BSD versions of Unix use their own FTP server, which has been ported to Linux and made available in Debian (in the bsd-ftpd package) and SuSE (in the ftpd package). This server is generally considered quite secure.

PureFTPd This server, headquartered at http://www.pureftpd.org, is another FTP server that emphasizes security. SuSE ships with a version of this server.

oftpd This server is unusual because it's designed to function only as an anonymous FTP server; it doesn't support logins using ordinary user accounts. This feature can be appealing if you only want to run an anonymous server, but it makes this server unsuitable for many other purposes. It's available from http://www.time-travellers.org/oftpd/.

Note This list of FTP servers is far from complete. The oftpd web page describes the primary developer's search for a name for the server. He wanted a name of the form xftpd, wherex was a single letter. Starting withaftpd, he found that oftpd was the first name that wasn't already in use!

Because FTP can potentially provide users with substantial access to the system—the ability to read or write any file, within limits imposed by Linux file ownership and permissions—FTP servers are unusually sensitive from a security point of view. As a result, the web pages for many of the servers in the preceding list emphasize their developers' attention to security. Most FTP servers provide explicit support for locking themselves in chroot jails, as described in Chapter 20, "Controlling Network Access."

For a small FTP site, chances are any of the servers in the preceding list will work well, with the exception of oftpd if you want authenticated user logins rather than anonymous access. Given its poor security history, WU-FTP might be best avoided, as well. Because they both ship with multiple Linux distributions, the next two sections focus on ProFTPd and vsftpd. ProFTPd is best suited to installations requiring complex configurations. If your needs are simpler or if your site handles a lot of traffic, vsftpd might be a better choice. The remaining servers are also worth considering if they happen to be easily installed on your distribution or (in the case of oftpd) if you want to run an anonymous-only site.

0 0

Post a comment