... And if you want anonymous logins, you WILL notice it if it dont work. Same goes to user-logins. So why not simply disable both in the standard-config-file (effectively making the server unusable until someone have changed the config), and include comments telling how to enable it?
One common use case for non-anonymous ftp is file uppload to a web-hotel - as most users either dont know about or dont care about more secure ways. And those have mostly disabled ssh logins.
lør, 11.09.2004 kl. 11.39 skrev Paul Trippett:
On Sat, 2004-09-11 at 06:42, Charles R. Anderson wrote:
Not really...I think he makes a very valid point that allowing trusted users to login via FTP is worse than allowing anonymous users FTP access. FTP should only ever be used in anonymous mode, like HTTP servers are mostly used for. If you don't what that, don't enable the service.
yes, it is best practise but how many companies use FTP on there internal network "in a controlled enviroment" to put data onto internal web/ftp/email etc servers. This number has to outway the number of companies running known anonymous ftp servers. Linux is being used more an more in internal company networks where anonymous ftp to servers would not be wanted.
/pt