vsftpd
| Developer(s) | Chris Evans |
|---|---|
| Stable release | 3.0.2 / September 18, 2012 |
| Operating system | Unix-like systems |
| Type | FTP daemon |
| License | GPL |
| Website |
security |
vsftpd, (or very secure FTP daemon),[1] is an FTP server for Unix-like systems, including Linux. It is licensed under the GNU General Public License. It supports IPv6 and SSL.
vsftpd supports explicit (since 2.0.0) and implicit (since 2.1.0) FTPS.
vsftpd is the default FTP server in the Ubuntu, CentOS, Fedora, NimbleX, Slackware and RHEL Linux distributions.
Compared to other ftp server software vsftpd is built to be especially efficient and very secure.
History
In July 2011, it was discovered that vsftpd version 2.3.4 downloadable from the master site had been compromised.[2][3] Users logging into a compromised vsftpd-2.3.4 server may issue a ":)" smileyface as the username and gain a command shell on port 6200.[3] This was not an issue of a security hole in vsftpd, instead, someone had uploaded a different version of vsftpd which contained a backdoor. Since then, the site was moved to Google App Engine.
See also
- Comparison of FTP server software
- TCP Wrapper
References
- ↑ "README file from source code".
- ↑ vsftpd Compromised Source Packages Backdoor Vulnerability at SecurityFocus
- ↑ 3.0 3.1 Evans, Chris (2011-06-03). "Alert: vsftpd download backdoored". Retrieved July 7, 2011.
External links
- Official website
- List of Config Directives
- vsftpd at Freecode
- vsftpd Forum a vsftpd support Forum
- Guide to setting up vsftpd including TLS/SSL encryption