Date: Fri, 05 Dec 1997 07:12:41 -0800 From: Cy Schubert - ITSD Open Systems Group <cschuber@uumail.gov.bc.ca> To: Vadim Kolontsov <vadim@tversu.ru> Cc: "Jordan K. Hubbard" <jkh@time.cdrom.com>, Adam Shostack <adam@homeport.org>, robert@cyrus.watson.org, security@freebsd.org Subject: Re: Possible problem with ftpd 6.00 Message-ID: <199712051513.HAA22525@cwsys.cwsent.com> In-Reply-To: Your message of "Fri, 05 Dec 1997 11:04:39 %2B0300." <19971205110439.23205@tversu.ru>
next in thread | previous in thread | raw e-mail | index | archive | help
>
> On Thu, Dec 04, 1997 at 02:48:08AM -0800, Jordan K. Hubbard wrote:
> > > If you design systems such that people need to RTFM, your systems will
> > > fail. The FTP daemon should be re-written so that it doesn't ask for
> > > a password when its offering anonymous access. (As in http).
> >
> > Which would break the heck out of many traditional FTP clients which
> > expect every user, be it a legit one or an anonymous one, will result
> > in a password being requested by the ftpd and they'll probably fail
> > the handshake with your optimization.
>
> It seems like "non-password" anonymous ftp servers exist and work:
>
> sh-2.00$ ftp koobera.math.uic.edu
> Connected to koobera.math.uic.edu.
> 220 Hi there! This is anonftpd.
> Name (koobera.math.uic.edu:vadim): ftp
> 230 Hi. No need to log in; I'm an anonymous ftp server.
> Remote system type is UNIX.
> Using binary mode to transfer files.
> ftp>
>
> By the way, Netscape (at least Communicator 4.04) understands it.
You have stumbled across aguably (IMHO) the best anonymous FTP server out
there. Netscape sends USER and PASS commands, regardless of the prompt. If
you want to run a read-only anonymous FTP server, this is the one to use.
Because anonftp doesn't handle "regular" FTP, you would need to put your
"regular" FTP server on another port.
The reason anonftpd is so good is that it does only one thing: Anonymous FTP,
that's it. Maybe there should be a port for it (and some other of Daniel
Bernstien's work such as Qmail). Then people who want to run a secure
anonymous FTP server can.
>
> Best regards,
> V.
> --
> Vadim Kolontsov
> Tver Internet Center NOC
> phone: +7-(0822)-365743,
>
Regards, Phone: (250)387-8437
Cy Schubert Fax: (250)387-5766
UNIX Support OV/VM: BCSC02(CSCHUBER)
ITSD BITNET: CSCHUBER@BCSC02.BITNET
Government of BC Internet: cschuber@uumail.gov.bc.ca
Cy.Schubert@gems8.gov.bc.ca
"Quit spooling around, JES do it."
> Hi,
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199712051513.HAA22525>