Code review request

Russ Allbery rra at stanford.edu
Tue Aug 8 20:47:06 EDT 2006


Philip Prindeville <philipp at redfish-solutions.com> writes:

> Actually, I run an FTP repository with anonymous access...  it's behind
> a firewall that doesn't provide enough stateful inspection to handle
> brute-force password attacks, however.

If you're just running an anonymous FTP server, you really don't want to
be using the ftpd that comes with Kerberos.  You really want to install an
FTP daemon that's specifically designed for anonymous FTP service.  I have
had good luck with vsftpd.  Other people use proftpd or one of the many
others out there.  The MIT Kerberos ftpd will work, but it's really not
optimized or designed for high-volume anonymous FTP service.

If you're purely doing anonymous FTP, you can disable authentication
entirely when using an ftpd designed for that.

-- 
Russ Allbery (rra at stanford.edu)             <http://www.eyrie.org/~eagle/>
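
An anonymous-only vsftpd.conf along the lines the reply suggests, shown as an added example that is not part of the original message. The anon_root path and the rate and connection limits are assumed values to adjust per site.

```ini
# vsftpd.conf: read-only, anonymous-only service (added example).
# vsftpd does not accept trailing comments or spaces around "=".

# Run standalone rather than from inetd.
listen=YES

# Anonymous logins only. With local_enable=NO no local account can
# authenticate, so there is no password to brute-force.
anonymous_enable=YES
local_enable=NO

# Do not prompt anonymous users for a password at all.
no_anon_password=YES

# Read-only: refuse every command that changes the filesystem.
write_enable=NO
anon_upload_enable=NO
anon_mkdir_write_enable=NO
anon_other_write_enable=NO

# Serve only this tree (assumed path).
anon_root=/srv/ftp/pub

# Show all files as owned by "ftp" instead of exposing real owners.
hide_ids=YES

# Resource limits for a public server (assumed values).
max_clients=200
max_per_ip=4
idle_session_timeout=300
data_connection_timeout=120

# Log transfers for later review.
xferlog_enable=YES
```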



More information about the krbdev mailing list