From: "Nick A. Leuta" <skynick@stu.lipetsk.su> To: <security@FreeBSD.ORG> Subject: Re: Disabling FTP (was Re: Why not sandbox BIND?) Message-ID: <007801bf3682$fca3e0f0$131fa8c0@skynick.am.lstu>
index | next in thread | raw e-mail
On Mon, 22 Nov 1999 00:47:35 -0500, Jonathan Chen <jon@spock.org> said: >1) ftpd/telnetd, by themselves, does not give unwanted guests a window of > entry any more than sshd. >3) People who have no need to use ftpd (or telnetd) does not use > ftpd/telnetd. Thus, cleartext password is never transmitted over these > protocols. Hmm... Ftp/telnet is not only services what usually needed... And ssh not only the way to resolve problems with sniffing danger... The security of standard protocols like telnet/ftp/pop3/smtp/etc can be improved by using SSL/TLS (OpenSSL presents in ports), for example telnets/pop3s/smtps... SSLTelnet (client and daemon) presents in ports, pop3 and smtp (telnet also) can be wrapped through any ssl wrapper (stunnel, bjorb presents in ports too, of course... :-) ). Also there are SSLftp (ftpd and client with ssl support), it does not present in ports, but it possible to patch standard FreeBSD ftpd or port SSLftp to FreeBSD... =================== * Paranoya is a professional illness of system administrators SkyNick To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the messagehelp
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?007801bf3682$fca3e0f0$131fa8c0>