From owner-freebsd-security Fri Nov 30 8:29:36 2001 Delivered-To: freebsd-security@freebsd.org Received: from clink.schulte.org (clink.schulte.org [209.134.156.193]) by hub.freebsd.org (Postfix) with ESMTP id 11E1237B416 for ; Fri, 30 Nov 2001 08:29:29 -0800 (PST) Received: from schulte-laptop.schulte.org (nb-65.netbriefings.com [209.134.134.65]) by clink.schulte.org (Postfix) with ESMTP id 9B1552440B; Fri, 30 Nov 2001 10:29:27 -0600 (CST) Message-Id: <5.1.0.14.0.20011130102546.03aafc08@pop.schulte.org> X-Sender: schulte@pop.schulte.org X-Mailer: QUALCOMM Windows Eudora Version 5.1 Date: Fri, 30 Nov 2001 10:29:18 -0600 To: Cy Schubert - ITSD Open Systems Group , Vlad Martynov From: Christopher Schulte Subject: Re: Stock ftpd Cc: freebsd-security@FreeBSD.ORG In-Reply-To: <200111301607.fAUG7hX94656@cwsys.cwsent.com> References: Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii"; format=flowed Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org At 08:06 AM 11/30/2001 -0800, Cy Schubert - ITSD Open Systems Group wrote: >I can't even recall when an advisory was last published about the BSD >ftpd. Was there even one? Even FreeBSD ftpd is not immune: ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-01:33.ftpd-glob.v1.1.asc Let's not start the usual, "USE MY FAVORITE FTPD, xxxxx" response. Just like any any other public service, you should know the history of the code you're using, as well as the multiple alternatives available should a problem arise or you wish to take possible proactive action. Be aware, have an IDS, and make backups. :-) >Regards, Phone: (250)387-8437 >Cy Schubert Fax: (250)387-5766 >Team Leader, Sun/Alpha Team Email: Cy.Schubert@osg.gov.bc.ca >Open Systems Group, ITSD >Ministry of Management Services >Province of BC --c To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message