[G4] Re: G4 Digest, Vol 9, Issue 17

[James Pacyga]

If you use PureFTPd, you will be able to create "Virtual Users" in any 
directory (perhaps on your NON-system disk).  These users are managed 
solely within PureFTPd and don't have to be users in Netinfo (the 
system that OSX uses to manage information).  Hence, they pose less 
security risk and do not require you to open up your system files or 
directories to OTHERs.

I would use it - A) it is free and you can contribute if you like it, 
B) it has pretty straight forward gui setup v. having to do loads of 
root type stuff in NETINFO to get FTP to work out of the box in a 
secure way...

The biggest problem really security wise, is that loads of people run 
port scanners and will try to use an ANONYMOUS login for any thing that 
responds on port 21 (FTP).  So, that is why you probably want to use 
the Virtual Users feature of PureFTPd so you can turn of ANONYMOUS 
access and hence reduce your security risk.

Jim


On May 18, 2005, at 4:44 PM, Charles Cox wrote:

> My thanks to Alex and Jim for their comments and suggestions.  Alex, I 
> take your cautions seriously and will definitely look into the details 
> of being a system administrator.  If you can point me to some 
> references, it would be appreciated.
> I don't plan to publicize this ftp site.  I do plan to make it known 
> to selected individuals who need access to some files I'll be 
> creating.  I had planned to place them in the public folder under 
> users.  It is my understanding that if I provide a user name and 
> password, this folder will become available as it will be marked as a 
> "read only" folder.  Is this correct?
>
> Jim, thanks for the step by step instruction for the router and how to 
> obtain the IP address assigned to the router.  I hope to continue 
> working on this during the weekend.
>
> Again, thank you both for your comments.
>
> Chuck
> <snip>