[Dshield] My graphics guy sent me the following message this morning...
David.Sentelle at cnbcbank.com
Wed Feb 4 14:10:53 GMT 2004
FTPisn't secure, and I've heard of lots of boxes being owned due to FTP
being opened to the internet when it wasn't correctly configured.
For my home site, I threw up Apache & PHP with GeekLog on it.
Geeklog's had a number of security issues, but there's plenty of
Bulletin Board scripts which allow file uploads and downloads. As long
as you don't publish links to the frontend of the BB system security
won't be as much of an issue. (Meaning don't have it listed in any
links form your main site, and don't have it as the default web page)
FTP servers answer anyone (unless configured otherwise) whereas the
bulletin board script can be 'hidden'. Yes, apache will still answer
all requests, but theoretically that shouldn't be a problem.
Either way about it is a good excuse to get acquainted with Linux.
More information about the list