diff -uNpar proftpd.orig/sample-configurations/basic.conf proftpd/sample-configurations/basic.conf

--- proftpd.orig/sample-configurations/basic.conf	2004-04-15 22:46:38 +0400

+++ proftpd/sample-configurations/basic.conf	2007-05-16 15:47:27 +0400

@@ -4,9 +4,17 @@

 # "nobody" and "ftp" for normal operation and anon.

 ServerName			"ProFTPD Default Installation"

-ServerType			standalone

+ServerType			inetd

 DefaultServer			on

+# Use pam to authenticate (default) and be authoritative

+AuthPAMConfig			ftp

+AuthOrder			mod_auth_pam.c* mod_auth_unix.c

+

+# Do not perform ident nor DNS lookups (hangs when the port is filtered)

+IdentLookups			off

+UseReverseDNS			off

+

 # Port 21 is the standard FTP port.

 Port				21

@@ -14,6 +22,17 @@ Port				21

 # from being group and world writable.

 Umask				022

+# Default to show dot files in directory listings

+ListOptions			"-a"

+

+# See Configuration.html for these (here are the default values)

+#MultilineRFC2228		off

+#RootLogin			off

+#LoginPasswordPrompt		on

+#MaxLoginAttempts		3

+#MaxClientsPerHost		none

+#AllowForeignAddress		off	# For FXP

+

 # To prevent DoS attacks, set the maximum number of child processes

 # to 30.  If you need to allow more than 30 concurrent connections

 # at once, simply increase this value.  Note that this ONLY works

@@ -24,7 +43,7 @@ MaxInstances			30

 # Set the user and group under which the server will run.

 User				nobody

-Group				nogroup

+Group				nobody

 # To cause every FTP user to be "jailed" (chrooted) into their home

 # directory, uncomment this line.

@@ -38,11 +57,103 @@ AllowOverwrite		on

   DenyAll

 </Limit>

+# See README.DSO and howto/DSO.html for more details.

+#<IfModule mod_dso.c>

+# 	LoadModule mod_tls.c

+#</IfModule>

+# TLS

+# Explained at http://www.castaglia.org/proftpd/modules/mod_tls.html

+#TLSEngine			on

+#TLSRequired			on

+#TLSRSACertificateFile		/var/lib/ssl/certs/proftpd.pem

+#TLSRSACertificateKeyFile	/var/lib/ssl/certs/proftpd.pem

+#TLSCipherSuite			ALL:!ADH:!DES

+#TLSOptions			NoCertRequest

+#TLSVerifyClient		off

+##TLSRenegotiate		ctrl 3600 data 512000 required off timeout 300

+#TLSLog				/var/log/proftpd/tls.log

+

+# SQL authentication Dynamic Shared Object (DSO) loading

+# See README.DSO and howto/DSO.html for more details.

+#<IfModule mod_dso.c>

+#   LoadModule mod_sql.c

+#   LoadModule mod_sql_mysql.c

+#   LoadModule mod_sql_postgres.c

+#</IfModule>

+

+# Allow FTP resuming.

+# Remember to set to off if you have an incoming ftp for upload.

+AllowStoreRestart              on

+

+# local <-> remote charset conversion

+#CharsetLocal KOI8R

+#CharsetRemote WINDOWS-1251

+

+

+

+# A basic anonymous configuration, with an upload directory.

+#<Anonymous ~ftp>

+#  User				ftp

+#  Group				ftp

+#  AccessGrantMsg		"Anonymous login ok, restrictions apply."

+#

+#  # We want clients to be able to login with "anonymous" as well as "ftp"

+#  UserAlias			anonymous ftp

+#

+#  # Limit the maximum number of anonymous logins

+#  MaxClients			10 "Sorry, max %m users -- try again later"

+#

+#  # Put the user into /pub right after login

+#  #DefaultChdir			/pub

+#

+#  # We want 'welcome.msg' displayed at login, '.message' displayed in

+#  # each newly chdired directory and tell users to read README* files. 

+#  DisplayLogin			/welcome.msg

+#  DisplayFirstChdir		.message

+#  DisplayReadme			README*

+#

+#  # Some more cosmetic and not vital stuff

+#  DirFakeUser			on ftp

+#  DirFakeGroup		on ftp

+#

+#  # Limit WRITE everywhere in the anonymous chroot

+#  <Limit WRITE SITE_CHMOD>

+#    DenyAll

+#  </Limit>

+#

+#  # An upload directory that allows storing files but not retrieving

+#  # or creating directories.

+#  <Directory uploads/*>

+#    AllowOverwrite		no

+#    <Limit READ>

+#      DenyAll

+#    </Limit>

+#

+#    <Limit STOR>

+#      AllowAll

+#    </Limit>

+#  </Directory>

+#

+#  # Don't write anonymous accesses to the system wtmp file (good idea!)

+#  WtmpLog			off

+

+#  LogFormat            default "%h %l %u %t \"%r\" %s %b"

+#  LogFormat            auth    "%v [%P] %h %t \"%r\" %s"

+#  LogFormat            write   "%h %l %u %t \"%r\" %s %b"

+#

+#  # Logging for the anonymous transfers

+#  ExtendedLog		/var/log/proftpd/access.log WRITE,READ default

+#  ExtendedLog		/var/log/proftpd/auth.log AUTH auth

+#

+#</Anonymous>

+

 # A basic anonymous configuration, no upload directories.  If you do not

 # want anonymous users, simply delete this entire <Anonymous> section.

 <Anonymous ~ftp>

   User				ftp

   Group				ftp

+  

+  RequireValidShell		off

   # We want clients to be able to login with "anonymous" as well as "ftp"

   UserAlias			anonymous ftp

@@ -54,9 +165,15 @@ AllowOverwrite		on

   # in each newly chdired directory.

   DisplayLogin			welcome.msg

   DisplayFirstChdir		.message

-

+  

   # Limit WRITE everywhere in the anonymous chroot

   <Limit WRITE>

     DenyAll

   </Limit>

+

+  # Limit LOGIN for anonymous login

+  <Limit LOGIN>

+    DenyAll

+  </Limit>

+

 </Anonymous>