|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
From: Florian Weimer (fw
deneb.enyo.de)
Date: Wed Sep 02 2009 - 13:06:29 CDT
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
> 1. Why is CERT recommending removing anonymous write access. This is
> something that is pretty rare, I imagine?
I'm sure it's still used for sending in crash dumps and similar stuff.
> Aren't all the boxes "anonymously" vulnerable to this already used
> as warez servers since they have remote writable access turned on?
Only if read access is enabled, too. And it might even be relatively
safe again to run an open FTP server. There seems to be little
systematic probing to find suitable upload locations deeper down the
directory tree.
_______________________________________________
Dailydave mailing list
Dailydavelists.immunitysec.com
http://lists.immunitysec.com/mailman/listinfo/dailydave
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]