Date: Fri, 30 Nov 2001 08:06:50 -0800 From: Cy Schubert - ITSD Open Systems Group <Cy.Schubert@uumail.gov.bc.ca> To: Vlad Martynov <vlad@san.ru> Cc: freebsd-security@FreeBSD.ORG Subject: Re: Stock ftpd Message-ID: <200111301607.fAUG7hX94656@cwsys.cwsent.com> In-Reply-To: Your message of "Fri, 30 Nov 2001 18:29:15 %2B0300." <20011130182915.A73088@ns.san.ru>
next in thread | previous in thread | raw e-mail | index | archive | help
In message <20011130182915.A73088@ns.san.ru>, Vlad Martynov writes: > Hi! > > On Fri, Nov 30, 2001 at 09:16:11AM -0600, Martin G. McCormick wrote: > > I am asking this question just to be safe. Is the ftp > > daemon which is part of the normal FreeBSD distribution based on > > wuftpd? In other words, my ftp server identifies as > > > > 220 hostname FTP server (Version 6.00LS) ready. > > > > Do I need to replace it? > Yes. Use /usr/ports/ftp/wu-ftpd or /usr/ports/ftp/proftpd. Both of these ftp daemons have had security advisories published about them. Wu-ftpd usually has an advisory published about it about once every four months. If you're concerned about security, wu-ftpd is especially the one not to use. I can't even recall when an advisory was last published about the BSD ftpd. Was there even one? Regards, Phone: (250)387-8437 Cy Schubert Fax: (250)387-5766 Team Leader, Sun/Alpha Team Email: Cy.Schubert@osg.gov.bc.ca Open Systems Group, ITSD Ministry of Management Services Province of BC To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200111301607.fAUG7hX94656>