Date: Fri, 1 Dec 2000 09:58:30 +0100 From: Christoph Kukulies <kuku@gilberto.physik.RWTH-Aachen.DE> To: Chris Wasser <cwasser@v-wave.com> Cc: freebsd-security@freebsd.org Subject: Re: which ftpd Message-ID: <20001201095830.A24994@gil.physik.rwth-aachen.de> In-Reply-To: <20001201015209.A38085@skunkworks.area51-arpa.mil>; from cwasser@v-wave.com on Fri, Dec 01, 2000 at 01:52:09AM -0700 References: <200012010823.JAA24840@gilberto.physik.rwth-aachen.de> <20001201015209.A38085@skunkworks.area51-arpa.mil>
next in thread | previous in thread | raw e-mail | index | archive | help
On Fri, Dec 01, 2000 at 01:52:09AM -0700, Chris Wasser wrote: > On Fri 01 Dec 2000, Christoph Kukulies wrote: > > I just discovered a bunch of suspicious files and directories > > in my incoming directory: > > Forgive me if I'm missing the point, but the obvious solution > would be to only allow ftp access to registered system users, > rather then anonymous which is a ripe target for the activities > of warez couriers. My only concern was security, that is, secure against exploits through buffer overflows and in the past, I agree with the foreposter, wuftpd always was lagging behind WRT closing these buffer overflow holes. I don't want to confine my ftp access to a closed circle. Looking into /incoming more frequently can keep those warez kids away. And forbidding directory creation as well. My point was, if the stock ftpd offers all this. > > -Chris -- Chris Christoph P. U. Kukulies kuku@gil.physik.rwth-aachen.de To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20001201095830.A24994>