LinuxQuestions.org
Help answer threads with 0 replies.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - General
User Name
Password
Linux - General This Linux forum is for general Linux questions and discussion.
If it is Linux Related and doesn't seem to fit in any other forum then this is the place.

Notices

Reply
 
Search this Thread
Old 11-17-2006, 09:25 AM   #1
dsids
Member
 
Registered: Mar 2006
Distribution: FC4
Posts: 184

Rep: Reputation: 31
the most secure ftp server today?


HI All,

I wanted to know which ftp server is the most secure?? Although, Im googling around, but I would like to hear your opinions too..

Thanks

Danish
 
Old 11-17-2006, 10:07 AM   #2
matthewg42
Senior Member
 
Registered: Oct 2003
Location: UK
Distribution: Kubuntu 12.10 (using awesome wm though)
Posts: 3,530

Rep: Reputation: 63
FTP isn't a very secure protocol. You'd do better to use sftp, or use a regular FTP service over a VPN.

As with anything, 80% of the security comes from setting it up properly.
 
Old 11-17-2006, 12:57 PM   #3
trickykid
Guru
 
Registered: Jan 2001
Posts: 24,133

Rep: Reputation: 199Reputation: 199
If you insist on using an actual ftp server though, probably the one with the best current track record is vsftpd.

Stands for Very Secure FTP Daemon.
 
Old 11-18-2006, 02:00 AM   #4
dsids
Member
 
Registered: Mar 2006
Distribution: FC4
Posts: 184

Original Poster
Rep: Reputation: 31
What about jscape secure ftp server? I was going through the website yesterday.
One more thing.

Like https:// . Isnt there a protocol called ftps://. From what I remember, it uses the port 990 and 995 I guess. I was wondering if I could set up a ftp server where in I can connect by giving the url
ftps://x.x.x.x:990..and once the ftp server is contacted, a certificate is thrown, from a CA, showing that data communication is encrytped..

Thanks
Danish
 
Old 11-18-2006, 06:42 AM   #5
Wim Sturkenboom
Senior Member
 
Registered: Jan 2005
Location: Roodepoort, South Africa
Distribution: Slackware 10.1/10.2/12, Ubuntu 12.04, Crunchbang Statler
Posts: 3,786

Rep: Reputation: 282Reputation: 282Reputation: 282
According to /etc/services on my box 989 and 990. If it will work depends (as far as I know) if the browser supports the protocol.

Last note:
Why specify the port? You also don't specify it for https

PS: I use vsftpd for secure ftp; will try one day if it works from a browser.

Last edited by Wim Sturkenboom; 11-18-2006 at 06:43 AM.
 
Old 11-19-2006, 12:49 AM   #6
dsids
Member
 
Registered: Mar 2006
Distribution: FC4
Posts: 184

Original Poster
Rep: Reputation: 31
Im using FC4..and there is no entry for port 990 and 989. But I had read on it somewhere..so wanted to implement it..Not sure how to..
Firefox does not support it..

IE does...i guess..

Well..if the port is specified in /etc/services..then I guess there is no need to specify ports in the url

Danish
 
Old 11-19-2006, 06:39 AM   #7
trickykid
Guru
 
Registered: Jan 2001
Posts: 24,133

Rep: Reputation: 199Reputation: 199
Quote:
Originally Posted by dsids
Im using FC4..and there is no entry for port 990 and 989. But I had read on it somewhere..so wanted to implement it..Not sure how to..
Firefox does not support it..

IE does...i guess..

Well..if the port is specified in /etc/services..then I guess there is no need to specify ports in the url

Danish
Usually when you want to set up a secure protocol, you need to create security certificates for the service in order for it to be secure. Just using the port number allocated for it doesn't make it secure.
 
Old 11-20-2006, 03:20 AM   #8
dsids
Member
 
Registered: Mar 2006
Distribution: FC4
Posts: 184

Original Poster
Rep: Reputation: 31
Quote:
Originally Posted by trickykid
Usually when you want to set up a secure protocol, you need to create security certificates for the service in order for it to be secure. Just using the port number allocated for it doesn't make it secure.
Yes..that is correct...Im gonna try it and get back to you with the errors..

Thanks
Danish
 
Old 11-20-2006, 07:45 AM   #9
dsids
Member
 
Registered: Mar 2006
Distribution: FC4
Posts: 184

Original Poster
Rep: Reputation: 31
Well, I created an ftp site on my LAN..and also created and loaded the certificates while starting the vsftpd server.

When I access the ftp server from a different machine using an ftp client like filezilla with the option FTP over SSL ( explicit encryption), a certicate pops up certifying the ftp server..But when I connect using a browser like IE..why am I given an error that Anonymous sessions must use encryption

Why is the certificate not showing?

my vsftpd.conf file


listen=YES

listen_address=192.168.10.235

anonymous_enable=YES


dirmessage_enable=YES

xferlog_enable=YES

connect_from_port_20=YES

rsa_cert_file=/usr/local/vsftpd-2.0.5/ftp_cert.pem

ssl_enable=YES

force_anon_logins_ssl=YES

Thanks
Danish
 
Old 11-28-2006, 04:23 PM   #10
mossy
Member
 
Registered: Aug 2003
Location: USexIRL
Distribution: *nix
Posts: 849

Rep: Reputation: 30
You get the error because of your last line in the config file:

<CODE>
force_anon_logins_ssl=YES
</CODE>

You might see if there are any settings for FTP in IE that need adjusting - check the handling of certs in IE as well. Other than that I would presume it is an IE specific problem since another browser works...test more browsers.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
how can I secure my nis server ?can I use openSSL to secure it form sniffing ? abhi_raj Linux - Networking 1 07-10-2006 06:19 AM
Setting up a secure FTP and Tunneling Server Randvegeta Linux - Software 2 12-30-2005 10:44 AM
creating a secure ftp server with chrooting MisterESauce Linux - Networking 6 04-07-2005 11:22 AM
How to make a secure ftp server ? exalik Linux - Security 3 09-05-2003 04:21 AM
secure ftp server j-me Linux - Software 3 04-18-2003 11:37 AM


All times are GMT -5. The time now is 12:03 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration