Date: Sun, 11 Feb 2001 10:50:37 -0800 From: Kris Kennaway <kris@obsecurity.org> To: "siberian.org" <siberian@siberian.org> Cc: Dominic Marks <dominic_marks@hotmail.com>, freebsd-security@FreeBSD.ORG Subject: Re: Secure Servers (SMTP, POP3, FTP) Message-ID: <20010211105037.C52522@mollari.cthul.hu> In-Reply-To: <5.0.0.25.2.20010211101800.00a68bd0@207.126.116.40>; from siberian@siberian.org on Sun, Feb 11, 2001 at 10:19:42AM -0800 References: <F55PFTg4bPYkAOt67zL00011da9@hotmail.com> <5.0.0.25.2.20010211101800.00a68bd0@207.126.116.40>
next in thread | previous in thread | raw e-mail | index | archive | help
--HG+GLK89HZ1zG0kk Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Sun, Feb 11, 2001 at 10:19:42AM -0800, siberian.org wrote: > I use ncftpd. No one talks much about it, are there inherent problems wit= h=20 > it? I've found it to be reliable, configurable and flexible so I hope I'm= =20 > not missing something... It's impossible to say because it's closed source. It hasn't received much attention from the white-hat community because it's almost impossible to audit for this reason, but someone with serious time or inclination to break lots of ncftpd servers might well be able to turn up security problems using a debugger or disassembler. Kris --HG+GLK89HZ1zG0kk Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.4 (FreeBSD) Comment: For info see http://www.gnupg.org iD8DBQE6ht78Wry0BWjoQKURAnuFAKDJYmhdgMxmQJxX1+wuSfXqSINzngCdF+1c ren9a6oNu9BuWc/z4ZMsMrU= =hEHP -----END PGP SIGNATURE----- --HG+GLK89HZ1zG0kk-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20010211105037.C52522>