Date: Fri, 12 Nov 1999 17:31:14 -0700 From: Nate Williams <nate@mt.sri.com> To: Pierre Beyssac <pb@fasterix.freenix.org> Cc: Nate Williams <nate@mt.sri.com>, Matthew Dillon <dillon@apollo.backplane.com>, Barry Irwin <bvi@rucus.ru.ac.za>, Josef Karthauser <joe@pavilion.net>, Brett Glass <brett@lariat.org>, Bill Fumerola <billf@chc-chimes.com>, Cy Schubert - ITSD Open Systems Group <Cy.Schubert@uumail.gov.bc.ca>, security@FreeBSD.ORG Subject: Re: Why not sandbox BIND? Message-ID: <199911130031.RAA21117@mt.sri.com> In-Reply-To: <19991113012855.A62879@fasterix.frmug.org> References: <4.2.0.58.19991111220759.044f46d0@localhost> <Pine.BSF.4.10.9911120922190.85007-100000@jade.chc-chimes.c <4.2.0.58.19991112102309.045abf00@localhost> <19991112173306.D76708@florence.pavilion.net> <19991112212912.Z57266@rucus.ru.ac.za> <199911121946.LAA24616@apollo.backplane.com> <199911122114.OAA20606@mt.sri.com> <19991113012855.A62879@fasterix.frmug.org>
next in thread | previous in thread | raw e-mail | index | archive | help
> > > Speaking of default system configurations - what do people think about > > > turning off the 'ftp' service in the default configuration? > > > > Personally, I don't like it. At least, not until SSH becomes a default > > protocol in the system, since otherwise there is no way to transfer > > files to/from FreeBSD boxes easily. > > You could still easily reenable ftpd if you need it. Or, you could still easily disable ftpd since you almost *always* need it right away. > Given recent vulnerability history on many ftp daemons, I think it > might be safer to disable FTP by default. FreeBSD's ftpd is not succeptible. Given the argument, why don't we disable *ALL* network access, since all are suspect to breakins. :( (I'm kidding of course...) Nate To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199911130031.RAA21117>