From owner-freebsd-security Fri Dec 1 0:58:35 2000 Delivered-To: freebsd-security@freebsd.org Received: from gilberto.physik.rwth-aachen.de (gilberto.physik.rwth-aachen.de [137.226.30.2]) by hub.freebsd.org (Postfix) with ESMTP id 3FA3237B400 for ; Fri, 1 Dec 2000 00:58:33 -0800 (PST) Received: (from kuku@localhost) by gilberto.physik.rwth-aachen.de (8.9.3/8.9.3) id JAA25047; Fri, 1 Dec 2000 09:58:30 +0100 (CET) (envelope-from kuku) Date: Fri, 1 Dec 2000 09:58:30 +0100 From: Christoph Kukulies To: Chris Wasser Cc: freebsd-security@freebsd.org Subject: Re: which ftpd Message-ID: <20001201095830.A24994@gil.physik.rwth-aachen.de> References: <200012010823.JAA24840@gilberto.physik.rwth-aachen.de> <20001201015209.A38085@skunkworks.area51-arpa.mil> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Mailer: Mutt 1.0i In-Reply-To: <20001201015209.A38085@skunkworks.area51-arpa.mil>; from cwasser@v-wave.com on Fri, Dec 01, 2000 at 01:52:09AM -0700 Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Fri, Dec 01, 2000 at 01:52:09AM -0700, Chris Wasser wrote: > On Fri 01 Dec 2000, Christoph Kukulies wrote: > > I just discovered a bunch of suspicious files and directories > > in my incoming directory: > > Forgive me if I'm missing the point, but the obvious solution > would be to only allow ftp access to registered system users, > rather then anonymous which is a ripe target for the activities > of warez couriers. My only concern was security, that is, secure against exploits through buffer overflows and in the past, I agree with the foreposter, wuftpd always was lagging behind WRT closing these buffer overflow holes. I don't want to confine my ftp access to a closed circle. Looking into /incoming more frequently can keep those warez kids away. And forbidding directory creation as well. My point was, if the stock ftpd offers all this. > > -Chris -- Chris Christoph P. U. Kukulies kuku@gil.physik.rwth-aachen.de To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message