... And if you want anonymous logins, you WILL notice it if it dont work. Same goes to user-logins. So why not simply disable both in the standard-config-file (effectively making the server unusable until someone have changed the config), and include comments telling how to enable it? One common use case for non-anonymous ftp is file uppload to a web-hotel - as most users either dont know about or dont care about more secure ways. And those have mostly disabled ssh logins. lør, 11.09.2004 kl. 11.39 skrev Paul Trippett: > On Sat, 2004-09-11 at 06:42, Charles R. Anderson wrote: > > Not really...I think he makes a very valid point that allowing trusted > > users to login via FTP is worse than allowing anonymous users FTP > > access. FTP should only ever be used in anonymous mode, like HTTP > > servers are mostly used for. If you don't what that, don't enable the > > service. > > yes, it is best practise but how many companies use FTP on there > internal network "in a controlled enviroment" to put data onto internal > web/ftp/email etc servers. This number has to outway the number of > companies running known anonymous ftp servers. Linux is being used more > an more in internal company networks where anonymous ftp to servers > would not be wanted. > > /pt >
