2010-11-08 13:47:46 
阿炯
proftpd是一款开放源码的ftp服务器软件,它是原来世界范围使用最广泛的wu-ftpd的改进版,它修正了wu-ftpd的许多缺陷,在许多方面进行了重大的改进,其中一个重要变化就是它学习了Apache 的配置方式,使proftpd的配置和管理更加简单易懂。
ProFTPD是一个Unix平台上或是类Unix平台上(如Linux, FreeBSD等)的FTP服务器程序,它是在自由软件基金会的版权声明(GPL)下开发、发布的免费软件,也就是说任何人只要遵守GPL版权声明,都可以随意修改源始码。
ProFTPD设计目标是实现一个安全且易于设定的FTP Server。目前Unix或类Unix平台上 FTP Server十分有限,最常使用的恐怕就是wu-ftpd了。虽然wu-ftpd有着极佳的效能同时也是一套很好的软件,然而它却欠缺了许多Win32平台上FTP Server的一些特色,同时wu-ftpd过去也有不少的安全漏洞陆续被发现。ProFTPD的原创者本身就曾经花非常多的时间寻找wu-ftpd 的漏洞加以改进并且增加许多功能。然而十分不幸的是,他很快地发现显然wu-ftpd需要全部重新的改写才能补足欠缺的设定能力以及缺乏的一些功能。 ProFTPD不是从其它FTP Server的既有原始码修改而产生的,相反的,它是完全独立而完整、重新改写的FTP Server。
ProFTPD grew out of the desire to have a secure and configurable FTP server, and out of a significant admiration of the Apache web server.
When the Project began, the most commonly used server was wu-ftpd. While wu-ftpd provides excellent performance and is generally a good product, it lacks numerous features found in newer Win32 FTP servers and has a poor security history. Many people, including the developers who work on ProFTPD, had spent a great deal of time fixing bugs and hacking features into wu-ftpd. Unfortunately, it quickly became clear that a complete redesign was necessary in order to implement the configurability and features desired.
In addition to wu-ftpd, there are a few of other FTP servers available which are designed to be light-weight and secure at the expense of configurability. For example, Troll FTP is an excellent FTP daemon which is considerably more secure and less resource-intensive than wu-ftpd. Unfortunately, while it is quite suitable for basic FTP services, it does not offer the feature set required for more sophisticated FTP sites.
ProFTPD的主要包括如下特点:
* 单一主设置文件,包含许多指令以及其支配的组,对Apache Web Serve的设置不陌生的话相信一定会觉得十分容易操作设定。
* 每个目录都可以定义一个".ftpaccess"设置文件,就如同Apache的".htaccess"文件一样可以设定该目录的存取权限。
* 可设定多个虚拟FTP server,而匿名FTP服务更是十分容易。
* 可根据系统的负载(load)选择以单独运作(stand-alone)方式或是由inetd启动。
* 匿名FTP的根目录不需要特定的目录结构、系统二进制执行文件或其它系统文件。
* ProFTPD不执行任何外部程序以免造成安全漏洞。
* 具有隐藏目录或隐藏文件,源自于Unix形式的档案权限,或是user/group类型的档案权限设定。
* 能够以一般使用者在单独运作(stand-alone)模式下执行,以减少某些藉由攻击方式取得root权的可能性。注:此功能与Unix的操作系统有关。
* 支持系统记录以及utmp/wtmp。记录的方式与wu-ftpd的标准完全兼容,也支持记录内容的延伸格式。
* 支持Shadow&password,包括了帐号使用期限设定的功能。
Features
ProFTPD offers the following features, with many more planned):
* Single main configuration file, with directives and directive groups which are intuitive to any administrator who has ever used the Apache web server.
* Per directory ".ftpaccess" configuration similar to Apache's ".htaccess".
* Easy to configure multiple virtual FTP servers and anonymous FTP services.
* Designed to run either as a stand-alone server or from inetd/xinetd, depending on system load.
* Anonymous FTP root directories do not require any specific directory structure, system binaries or other system files.
* No SITE EXEC command. In modern Internet environments, such commands are a security nightmare.
* Source code is available (and must always be available) for administrators and developers to audit.
* Hidden directories and files, based on Unix-style permissions or user/group ownership.
* Runs as a configurable non-privileged user in stand-alone mode in order to decrease chances of attacks which might exploit its "root" abilities. Note: This feature is dependent on the capabilities of the host Unix system.
* Logging and utmp/wtmp support. Logging is compatible with the wu-ftpd standard, with extended logging available.
* Shadow password suite support, including support for expired accounts.
* Modular design, allowing server to be extended easily with modules. Modules have been written for SQL databases, LDAP servers, SSL/TLS encryption, RADIUS support, etc.
* IPv6 support.
最新版本:1.3
官方主页:http://www.proftpd.org/