LinuxQuestions.org
Welcome to the most active Linux Forum on the web.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Server
User Name
Password
Linux - Server This forum is for the discussion of Linux Software used in a server related context.

Notices


Reply
  Search this Thread
Old 10-03-2012, 02:16 AM   #1
jsaravana87
Member
 
Registered: Aug 2011
Location: Chennai,India
Distribution: Redhat,Centos,Ubuntu,Dedian
Posts: 558
Blog Entries: 5

Rep: Reputation: Disabled
which is best licensed ftp server : Pureftp(Bsd license) vs vsftpd (Gpl license)


Hi
Inorder to install ftp server in my production server .I had found pureftp and vsftpd are both are licensed and having security feature .Which of these license version of ftp is more reliable in production server .

Currently im using of vsftpd(virtaulftp) in production environment ,But it have some security drawback in VSFTPD.How can i reduce the below security compliance in vsftpd

vsftpd CVE Entries: 12
Shodan vsftpd entries: 41

Last edited by jsaravana87; 10-03-2012 at 02:25 AM.
 
Old 10-03-2012, 12:22 PM   #2
unSpawn
Moderator
 
Registered: May 2001
Posts: 29,415
Blog Entries: 55

Rep: Reputation: 3600Reputation: 3600Reputation: 3600Reputation: 3600Reputation: 3600Reputation: 3600Reputation: 3600Reputation: 3600Reputation: 3600Reputation: 3600Reputation: 3600
Quote:
Originally Posted by arun5002 View Post
Which of these license version of ftp is more reliable in production server .
As far as my understanding goes any party can include BSD code w/o having to share any changes like for example Microsoft and Apple do (or rather: don't). For your server usage it does not make a difference unless there's a specific reason you're asking. (But then I'd first ask if you've actually read the BSD and GPL.)


Quote:
Originally Posted by arun5002 View Post
it have some security drawback in VSFTPD.
Please explain or please check your English / translation because "security drawback" doesn't look OK: did you mean "vulnerability" perhaps?.


Quote:
Originally Posted by arun5002 View Post
How can i reduce the below security compliance in vsftpd

vsftpd CVE Entries: 12
Did you even assess what the CVE entries were about? Of the about 6 remaining CVE entries for Vsftpd at least 2 are distribution-specific and the other 4 won't compromise security in the sense of authentication bypasses etc. And sid you compare these CVE's with those for Pureftpd? If you did, would you rather face resource exhaustion (Vsftpd: CVE-2011-0762) or allow users to overwrite arbitrary files (Proftpd: CVE-2011-3171) or command injection (Pureftpd: CVE-2011-1575)?
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
GPL license, BSD license and... ? kikinovak Slackware 3 09-10-2012 01:53 PM
Getting "taints kernel" message even after having "Dual BSD/GPL" license nikhil_no_1 Linux - Kernel 3 12-06-2010 01:29 PM
GPL, BSD, MIT, ... : License or Contract? Mben Linux - General 11 05-08-2006 06:22 AM
gpl and bsd license gui10 General 5 04-25-2002 10:55 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Server

All times are GMT -5. The time now is 08:00 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration