which is best licensed ftp server : Pureftp(Bsd license) vs vsftpd (Gpl license)
 

Hi
Inorder to install ftp server in my production server .I had found pureftp and vsftpd are both are licensed and having security feature .Which of these license version of ftp is more reliable in production server .

Currently im using of vsftpd(virtaulftp) in production environment ,But it have some security drawback in VSFTPD.How can i reduce the below security compliance in vsftpd

vsftpd CVE Entries: 12
Shodan vsftpd entries: 41

As far as my understanding goes any party can include BSD code w/o having to share any changes like for example Microsoft and Apple do (or rather: don't). For your server usage it does not make a difference unless there's a specific reason you're asking. (But then I'd first ask if you've actually read the BSD and GPL.)


Please explain or please check your English / translation because "security drawback" doesn't look OK: did you mean "vulnerability" perhaps?.


Did you even assess what the CVE entries were about? Of the about 6 remaining CVE entries for Vsftpd at least 2 are distribution-specific and the other 4 won't compromise security in the sense of authentication bypasses etc. And sid you compare these CVE's with those for Pureftpd? If you did, would you rather face resource exhaustion (Vsftpd: CVE-2011-0762) or allow users to overwrite arbitrary files (Proftpd: CVE-2011-3171) or command injection (Pureftpd: CVE-2011-1575)?