From owner-freebsd-security  Sat Nov 20 10: 4:35 1999
Delivered-To: freebsd-security@freebsd.org
Received: from ns1.yes.no (ns1.yes.no [195.204.136.10])
	by hub.freebsd.org (Postfix) with ESMTP id 0661814D52
	for <security@FreeBSD.ORG>; Sat, 20 Nov 1999 10:04:24 -0800 (PST)
	(envelope-from eivind@bitbox.follo.net)
Received: from bitbox.follo.net (bitbox.follo.net [195.204.143.218])
	by ns1.yes.no (8.9.3/8.9.3) with ESMTP id TAA18265;
	Sat, 20 Nov 1999 19:04:23 +0100 (CET)
Received: (from eivind@localhost)
	by bitbox.follo.net (8.8.8/8.8.6) id TAA09898;
	Sat, 20 Nov 1999 19:04:18 +0100 (MET)
Date: Sat, 20 Nov 1999 19:04:17 +0100
From: Eivind Eklund <eivind@FreeBSD.ORG>
To: Nate Williams <nate@mt.sri.com>
Cc: Matthew Dillon <dillon@apollo.backplane.com>,
	security@FreeBSD.ORG
Subject: Disabling FTP (was Re: Why not sandbox BIND?)
Message-ID: <19991120190417.I602@bitbox.follo.net>
References: <4.2.0.58.19991111220759.044f46d0@localhost> <Pine.BSF.4.10.9911120922190.85007-100000@jade.chc-chimes.c <4.2.0.58.19991112102309.045abf00@localhost> <19991112173306.D76708@florence.pavilion.net> <19991112212912.Z57266@rucus.ru.ac.za> <199911121946.LAA24616@apollo.backplane.com> <199911122114.OAA20606@mt.sri.com> <19991113012855.A62879@fasterix.frmug.org> <199911130031.RAA21117@mt.sri.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
X-Mailer: Mutt 1.0i
In-Reply-To: <199911130031.RAA21117@mt.sri.com>; from nate@mt.sri.com on Fri, Nov 12, 1999 at 05:31:14PM -0700
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

On Fri, Nov 12, 1999 at 05:31:14PM -0700, Nate Williams wrote:
> > > > Speaking of default system configurations - what do people think about
> > > > turning off the 'ftp' service in the default configuration?
> > > 
> > > Personally, I don't like it.  At least, not until SSH becomes a default
> > > protocol in the system, since otherwise there is no way to transfer
> > > files to/from FreeBSD boxes easily.
> > 
> > You could still easily reenable ftpd if you need it.
> 
> Or, you could still easily disable ftpd since you almost *always* need
> it right away.

I've never, ever needed it.  It transfers *cleartext* passwords.  My
view is that it is not usable for anything but anonymous FTP.

> > Given recent vulnerability history on many ftp daemons, I think it
> > might be safer to disable FTP by default.
> 
> FreeBSD's ftpd is not succeptible.  Given the argument, why don't we
> disable *ALL* network access, since all are suspect to breakins. :( (I'm
> kidding of course...)

I am in favour of disabling all network access to boxes as they come
from install.  As it is, we have a bunch of things that are most often
not necessary, and we're encouraging people (like poor misguided Nate
here ;) to run protocols that do not encrypt passwords.

Any proposal to disable things that listen to the network in our
default setup will have my approval.

Eivind.


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message