"Running a public FTP site securely can be difficult. Taking
full advantage of the security features supported by your FTP
server application of choice can be a chore, and even then there's
a good chance that sooner or later vulnerabilities will come to
light making all that work for naught. So what else can you do?
"One important technique is to run an FTP proxy on your
firewall. Whereas the standard Netfilter code in the Linux kernel
only inspects packets, an FTP proxy lets your firewall act as an
intermediary in all FTP transactions. This increases your
protection against buffer overflows and many other kinds of FTP
attacks. It also allows you to restrict which FTP commands are
executed by FTP clients.
"This month I explain how to run SuSE's free (and
non-SuSE-Linux-specific) Proxy-Suite FTP proxy on your Linux
firewall, adding transparent but strong protection to all your FTP
Some of the products that appear on this site are from companies from which QuinStreet receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. QuinStreet does not include all companies or all types of products available in the marketplace.