Date: Sat, 20 Nov 1999 14:47:59 -0500 (EST)
From: James Gill <gill@topsecret.net>
To: Craig Garner <xrayu@home.com>
Cc: Eivind Eklund <eivind@FreeBSD.ORG>, Nate Williams <nate@mt.sri.com>, Matthew Dillon <dillon@apollo.backplane.com>, security@FreeBSD.ORG
Subject: Re: Disabling FTP (was Re: Why not sandbox BIND?)
Message-ID: <Pine.BSF.4.10.9911201434030.8734-100000@pacific.int.topsecret.net>
In-Reply-To: <3836E8E3.E9F9E009@home.com>
I'm wandering into an ongoing discussion in -security with some personal observations and -advocacy, but here goes:

As a relative newbie, having ftpd on by default makes perfect sense. Few newbies are going to be building a machine to place into mission-critical service that day. I would venture that most folks play around with FreeBSD on a scratch system (sandbox? ;-)) for at least a little while first. I use FTP between systems regularly, and having cleartext passwords on the LAN isn't a *huge* issue in most cases... and if you've got concerns with cleartext passwords xmitted over your LAN you have probably got more pressing issues to be dealing with.

That said, the person who first installs FreeBSD and wants to move files around, who has to go in and figure out how to turn on ftpd, is probably going to get _very_ frustrated. Especially when coming from a MS background in a plug-n-play world... converting these people is a gradual process, and throwing them in and expecting them to understand the underlying unix philosophies that are so different from the world they come from is going to cause more harm than good. Remember, if you take a server, boot it with an NT CD-ROM, accept all the defaults on the NT install and reboot, you've generally got a functioning server, and if you do it five times you've got a functioning network. Albeit not the most secure, and not the ideal configuration, but it does WORK, and from there you can begin to make config changes.

Maybe FreeBSD doesn't need to be *so* simplistic, but understanding that this is one of the major reasons why NT is very successful in the business world, especially the small business world (where folks try to use their computers for other ends than just making them talk to one another and can't afford full-time administrators), is something to consider when debating turning off services that most people will consider "basic".

cheers,
--gill

On Sat, 20 Nov 1999, Craig Garner wrote:
> Eivind Eklund wrote:
>>
>> On Fri, Nov 12, 1999 at 05:31:14PM -0700, Nate Williams wrote:
>> > > > > Speaking of default system configurations - what do people think about turning off the 'ftp' service in the default configuration?
>> > > >
>> > > > Personally, I don't like it. At least, not until SSH becomes a default protocol in the system, since otherwise there is no way to transfer files to/from FreeBSD boxes easily.
>> > >
>> > > You could still easily reenable ftpd if you need it.
>> >
>> > Or, you could still easily disable ftpd since you almost *always* need it right away.
>>
>> I've never, ever needed it. It transfers *cleartext* passwords. My view is that it is not usable for anything but anonymous FTP.
>>
>> > > Given recent vulnerability history on many ftp daemons, I think it might be safer to disable FTP by default.
>> >
>> > FreeBSD's ftpd is not susceptible. Given the argument, why don't we disable *ALL* network access, since all are suspect to breakins. :( (I'm kidding of course...)
>>
>> I am in favour of disabling all network access to boxes as they come from install. As it is, we have a bunch of things that are most often not necessary, and we're encouraging people (like poor misguided Nate here ;) to run protocols that do not encrypt passwords.
>>
>> Any proposal to disable things that listen to the network in our default setup will have my approval.
>>
>> Eivind.
>>
> If you think about it, why should someone who doesn't know how to turn something on and off have it on in the first place? I'm sure these ideas 'scare' newbie people who do not wish to read and figure out how to do this. I personally like to install a box, turn everything off, and then turn on what I need.
>
> Craig
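The "turn everything off, then turn on what I need" approach from the thread, as an added example (not code from the thread or from FreeBSD): it audits an inetd.conf-style file and writes a copy with every service commented out except an explicit allow-list. It assumes the 1999-era layout in which ftpd, telnetd and friends are started by inetd from /etc/inetd.conf; the sample file is constructed for the demonstration.

```shell
#!/bin/sh
# Added example, not code from the thread: audit an inetd.conf-style file and
# build a copy with every service disabled except an explicit allow-list
# ("turn everything off, then turn on what I need"). Assumes the 1999-era
# layout in which ftpd and friends are started by inetd from /etc/inetd.conf.

# Constructed sample resembling a default inetd.conf of the period.
SAMPLE_INETD=$(mktemp)
cat > "$SAMPLE_INETD" <<'EOF'
# service  socket  proto  wait/nowait  user     program              args
ftp        stream  tcp    nowait       root     /usr/libexec/ftpd    ftpd -l
telnet     stream  tcp    nowait       root     /usr/libexec/telnetd telnetd
#shell     stream  tcp    nowait       root     /usr/libexec/rshd    rshd
finger     stream  tcp    nowait/3/10  nobody   /usr/libexec/fingerd fingerd -s
comsat     dgram   udp    wait         tty:tty  /usr/libexec/comsat  comsat
EOF

# Print the name of every enabled (uncommented, non-blank) service, one per line.
enabled_services() {
    awk '!(/^[[:space:]]*#/ || /^[[:space:]]*$/) { print $1 }' "$1"
}

# Emit a copy of $1 in which every service line is commented out unless its
# name appears in the space-separated allow-list $2. Comments and blank lines
# pass through unchanged, so the result stays readable and easy to reverse.
harden_inetd() {
    awk -v allow="$2" '
        BEGIN { n = split(allow, a, " "); for (i = 1; i <= n; i++) keep[a[i]] = 1 }
        /^[[:space:]]*#/ || /^[[:space:]]*$/ { print; next }
        ($1 in keep)                         { print; next }
                                             { print "#" $0 }
    ' "$1"
}

# Demonstration: what listens before, then after allowing only comsat.
echo "enabled before:"; enabled_services "$SAMPLE_INETD"
HARDENED=$(mktemp)
harden_inetd "$SAMPLE_INETD" "comsat" > "$HARDENED"
echo "enabled after:";  enabled_services "$HARDENED"
```

Run it against a real /etc/inetd.conf, review the output, and only then copy it into place and signal inetd to re-read its configuration.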