Easiest solution:
Setup a ftp server or sftp/scp/ssh server with OpenBSD on a separate IP
Address from your firewall/gateway. I once setup a ftp server out in
the open like that with OpenBSD. I ran no firewalls. I never had any
problems. If you do this and say if it does get hacked, broken into, or
messed up...not to worry it's outside your firewall and thus outside
your network. The idea is, of course, that I don't care what happens to
this server and I warn all my users that this server is not meant to be
safe or reliable. I mention this because if you go with sftp/scp/ssh
instead of ftp, the reluctance that users can see more of the system
than you want or install a trojan that will elevate their rights would
not matter, because it's on a server that you don't care about and that
server is outside your network.
I know of one linux system at a colo that has firewall protection and it
goes down all the time. But my little openbsd box just keeps going.
- Re: Suggestions about a replacement for FTP over SSL [lon... Smith
-
