ftp slow w/ proftpd# Samba fast
Tony Nelson
tonynelson at georgeanelson.com
Sun Aug 5 19:37:50 UTC 2007
At 12:38 AM +0100 8/5/07, Alan Cox wrote:
>> >You can make vsftpd do a lot of things, and as it was written for
>> >security first its extremely well designed.
>>
>> It does, however, allow unlimited password cracking attempts, while Proftpd
>> can be configured to prevent, with the help of some iptables rules.
>> (Ignore what that dolt Excalibur Xcalibur will say in response -- PEBKAC.)
>
>
>It does. Although it supports tcp_wrappers so you can still do this but
>not so prettily.
OK.
>The usual vsftpd configuration is to set it to anonymous only, which
>will provide weeks of pointless amusement to anyone trying to crack
>passwords however.
I hope that is how others use it, but it doesn't apply here. There is no
anonymous access, only access to accounts with passwords.
>Given ftp sends passwords in plain text its not usually a good idea to
>allow non anonymous access except when you can force SSL for non
>anonymous users anyway
Well, that's a matter of user training and tool availability and setting up
SSL. I'm making progress on the training. I don't know about the tools.
I'm not working on SSL, as SSH already works. FTP upload is often built in
to various editors on Mac and MSWindows, but I don't thing SFTP and SCP
are, nor would I expect support for SSL. Fuse's sshfs isn't so widespread
yet, either.
--
____________________________________________________________________
TonyN.:' <mailto:tonynelson at georgeanelson.com>
' <http://www.georgeanelson.com/>
More information about the users
mailing list