[Dshield] Unix and ftp server recs.

Mark Tombaugh mtombaugh at alliedcc.com
Fri Feb 27 17:46:44 GMT 2004

On Thursday 26 February 2004 4:27 pm, Louis Hablas wrote:
> 1)Unix flavor? as secure as possible 'out of the box'; at the same time,
> keeping up-to-date not too difficult.  I'm willing to spend a little bit of
> money.  Please include link to source of software, documentation, etc.

Slackware would be my choice, although they can be a little slow on patches:
RHEL 3.0 if youre willing to spend the dime, excellent support, and a much 
better product than they offered a couple years ago. I think this would be 
overkill for a relatively silent ftpd, but thats your call:

Of course you will want iptables for either of the above.

> 2)this box will serve one purpose and one purpose only -- ftp
> service...what ftp server?  likewise, am willing to spend some money.

Proftpd is the choice of a lot of ISPs and content providers. Stable, setup is 
a little tricky: <http://freshmeat.net/projects/proftpd/>

Glftpd is the choice of a lot of ftp admins. Loaded with features, easy setup, 
lots of options for reporting: <http://freshmeat.net/projects/glftpd/>

> 3)be able to run on old Dell PC that's been put out to pasture...most
> likely a 300MHZ Pentium with 64 to 128MB ram

RHEL 3.0 might be laggy. Slackware + proftpd - x + iptables could be your best 

Since youre putting it outside your firewall, you should extend your 
monitoring to this box somehow. Worse case scenario, box gets raped, you 
never know because you don't monitor beyond your perimeter:
<http://snort-inline.sourceforge.net/> :)

Theres dozens of ways to peel this fruit. Any way you go, youre on the right 
track. OSS kicks butt imvho.

Mark Tombaugh <mtombaugh at alliedcc.com>
Allied Computer Corporation <http://www.alliedcc.com>
USiHOST, iNC <http://www.usihost.com>

More information about the list mailing list