Date: Tue, 23 Nov 1999 11:19:04 +0100 From: sthaug@nethelp.no To: gill@topsecret.net Cc: security@FreeBSD.ORG Subject: Re: Disabling FTP (was Re: Why not sandbox BIND?) Message-ID: <61255.943352344@verdi.nethelp.no> In-Reply-To: Your message of "Sat, 20 Nov 1999 14:47:59 -0500 (EST)" References: <Pine.BSF.4.10.9911201434030.8734-100000@pacific.int.topsecret.net>
index | next in thread | previous in thread | raw e-mail
> As a relative newbie, having ftpd on by default makes perfect sense. Few > newbies are going to be building a machine to place into mission-critical > service that day. As a person responsible for network security I am amazed and disgusted at the number of boxes running open source OSes that are connected to the net - by students and others - and that are, basically, wide open. SMTP open for relaying, IMAP or POP3 servers with well known holes, etc. There boxes may not be used for mission-critical functions - but because they are open, they are a danger for their surroundings. They are being misused for spamming, are being used as breakin entry points, etc. And new boxes are popping up all the time. For me it makes perfect sense that these services should be turned off by default, and that you have to actually *do* something to turn it on. Steinar Haug, Nethelp consulting, sthaug@nethelp.no To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the messagehelp
Want to link to this message? Use this
URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?61255.943352344>