pokeoly.silverlink.net

• Next message: Chris Evans: "Re: free() issues"
• Previous message: Fred Cohen: "Re: free() issues"
• Next in thread: Jim Breton: "Re: POP3 Servers"
• Reply: Jim Breton: "Re: POP3 Servers"
• Reply: Horms: "Re: POP3 Servers"
• Reply: Daniel Jacobowitz: "Re: POP3 Servers"
• Reply: Joe Barnhart: "Re: POP3 Servers"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

<RANT>

Everytime someone finds a hole in wu-ftpd the script kiddies have a field
day! I'm getting at least 4 scans per day from all over. Is anyone else
seeing so much activity? Fortunately I had all of my servers patched
quickly. The only good part is that I'm getting to know a lot of other
system administrators (who are unwittingly "hosting" the attacks).

</RANT>

This whole thing got me wondering. The only service I'm running that isn't
being actively developed is "cucipop", nor can I find the source to it. It
seems to be extraordinarily reliable, but a quick look at Freshmeat shows
that it hasn't been developed any further since August 13, 1998 (not
counting the PAM patch that was tweaked as recently as January of this
year). My questions:

1. Has this been audited recently?

2. Does anyone know of any vulnerabilities?

3. What is the concensus on using (or not using) cucipop directly on the
   big bad internet?

4. Does anyone know where to find the source?

Thanks,

-Chuck

 --
 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
: 25: ten.knilrevlisekop :
: 80: http://www.silverlink.net/poke :
 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

• Next message: Chris Evans: "Re: free() issues"
• Previous message: Fred Cohen: "Re: free() issues"
• Next in thread: Jim Breton: "Re: POP3 Servers"
• Reply: Jim Breton: "Re: POP3 Servers"
• Reply: Horms: "Re: POP3 Servers"
• Reply: Daniel Jacobowitz: "Re: POP3 Servers"
• Reply: Joe Barnhart: "Re: POP3 Servers"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]