Johnny Fulcrum writes: > Security is a concenr too (!)...I've played with > wu-ftp and the ftp daemons that come "out of the box" with Mandrake > (proftp I think)... WU-FTPD and ProFTPD are insecure. They each had a remote root security hole within the last months. Don't ever consider using them. vsftpd is probably the best secure full service open source FTP server. I don't use it because the only way to handle virtual users is with PAM (ick). publicfile's ftpd is also secure, but it only allows anonymous downloads. I like NcFTPd. It's not open source, but it is secure, cheap, highly configurable and extendable. You can write a custom authentication daemon, making it easy to integrate NcFTPd with users stored in a database (great for free or paid hosting). You can also write an event daemon or event processor, making it easy to filter or scan files after they are uploaded. Note that while FTP is still very popular, it is also fundamentally insecure for anything other than anonymous downloads: http://cr.yp.to/ftp/security.html -- David Phillips <david at acz.org> http://david.acz.org/ _______________________________________________ TCLUG Mailing List - Minneapolis/St. Paul, Minnesota http://www.mn-linux.org tclug-list at mn-linux.org https://mailman.real-time.com/mailman/listinfo/tclug-list