FTP (File Transfer Protocol) servers normally require authentication. A user must login, providing a username and password, and the session will last only as long as the user stays logged in.

Anonymous FTP provides users with the ability to access an FTP server without providing password authentication. At first glance, this may sound insane, but it does have some practical uses.

Despite the name, it is not completely anonymous, and you can still track users who access your server through their IP addresses and the information that you require when they login (Some anonymous FTP services require the user to provide an email address).

The advantage of anonymous FTP is that you can provide fast access to public archives without having to tie up web server processes with multiple extended connections, especially when distributing large files. Because of this advantage, many public institutions like universities and libraries will distribute downloadable material through anonymous FTP. Some of them, like ibiblio.org, also distribute Linux distributions and other free and open source software.

The disadvantage of anonymous FTP is that you have little control over who accesses your FTP server or how often they do it. If you have particularly popular file downloads, it can place quite a load on the server. For this reason, many organization with limited resources have chosen alternatives like BitTorrent to distribute large files.

Because anonymous FTP allows users to access the server without authentication, you will need to take extra security steps to prevent exploits. Be sure to disable the SITE EXEC command, chroot the public directory, and disable any write privileges. If you have no pressing need to offer anonymous FTP services, it is better to disable it completely.