11. FTP Servers
FTP servers have a poor history with regard to security; they a common
target for would-be intruders. Suggestions:
- Use an SSH server, i.e., offer scp or sftp instead.
- Wrap or
firewall the service
so that only a small number of hosts have access to the FTP
server.
- Use an FTP proxy --- this increases your protection against
buffer overflows and also allows you to restrict which FTP
commands are executed by clients
(see Linux Journal Issue 104/December 2002, Paranoid Penguin by
Mick Bauer).