FTP: Better Than HTTP, Or Obsolete?

An anonymous reader asks "Looking to serve files for downloading (typically 1MB-6MB), I'm confused about whether I should provide an FTP server instead of / as well as HTTP. According to a rapid Google search, the experts say 1) HTTP is slower and less reliable than FTP and 2) HTTP is amateur and will make you look a wimp. But a) FTP is full of security holes. and b) FTP is a crumbling legacy protocol and will make you look a dinosaur. Surely some contradiction... Should I make the effort to implement FTP or take desperate steps to avoid it?"

Forget them both....

[NinteyThree]

...use sftp!

Re:No,

One that I use on windows can even make six simultaneous connections to the same server

YOU! You're the one that keeps doing that! You absolute loser! Open one connection and wait your turn.

People like you are the reason why people like me have to write rate-limiting software. You're not happy getting your fair share, and try stupid tricks like that to 'speed things up'. Sure, it may get faster - for you - but everyone else suffers.

FTP is sure to work for everyone!

[ponos]

Well, I'm just a user/programmer/hobbyist and not a network expert, but I have to say I find FTP a more elegant choice. It is a little faster, it is quite reliable, it is the tool for the job (that's why they call it File Transmission Protocol). It's also supported by EVERYTHING, including all major browsers, classical ftp client, "fancy" ftp clients, wget etc. And, last but not least, you can use wildcards over FTP because it is supposed to "mimic" a real filesystem.

I usually prefer (as a user, always) to do my transfers via FTP. Hell, I'd use ZModem if it was available! (quite faster, and extra speed is always nice if you have a 33.6K modem, anyway it is not relevant but it made me remember the good old days when men where real men and modems where painfully slow).

P.

Go with FTP

[Billly+Gates]

I would be caught dead before using Wu-ftp or any other ftp daemon which has security issues but go with ftp.

But http is not that much more secure either. Yes apache is more secure then IIS. But it does have vulnerabilities and is listed by the fbi as one of the most dangerous apps that can be cracked as well as IIS.

I use to have two terrible modem based ISP's before I upgraded to a cable modem. I had alot of bad packets from noise on my line. The speed seems the same but I would have various crc errors sometimes when I download large files over http. I have never had the same problems with FTP. Now since I have a cable modem the problems have went away but it seems that ftp has better error checking then http but I am not an expert in the protocals. Just do your research before you pick a ftp or http daemon.

If you use a Linux/Unix box make sure you turn off inet. FreeBSD 5.0 sysinstall makes this very easy to do. Also you do not need to use the latest and greatest ftp daemon. The large ones are generally less secure. I heard that the Debian developers created a tiny but free and relativly secure ftp daemon which you may want to use. I do not remember the name and I have never used it so I can not comment but it has been mentioned on slashdot several times why debians ftp site is so secure.

it's in the name

[rodolfo.borges]

FTP is the [F]ile [T]ransfer [P]rotocol.
period.

HTTP is better

[NigelJohnstone]

FTP:

No standard directory listing

Designed for human readable command lines not machine readability

Bad error recovery, many differing standards on restart

Password sent in plain text, not even concealed

ASCII mode! Need I say more?

HTTP: none of the above