OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
 
Subject: Re: [suse-security] strange ftp-scan
From: Kurt Seifried (listuserseifried.org)
Date: Sat Oct 07 2000 - 07:41:07 CDT

> There was a security advisory about just about every ftp daemon, with all
> this format string s*** going around. The latest release of proftpd is
> supposed to be safe, and it's pretty good. Anyone using wuftpd after about
> 9 straight years of continual holes is probably suicidal (that brings to
> mind, is it still DeadRat's default ftp package? You do the math ;-))
>
> If you need fast and safe (anonymous) ftp though, look af ncftpd
> (www.ncftp.com). Unfortunately not open source, but the best ftp daemon I
> know. If you're an educational site you can get it free, if you only
> need 3 concurrent users it's free as well.

Actually you can get a source license for NcFTPD, but it's not cheap, and it
seems to me that I shouldn't have to pay a vendor for the "privilege" of
auditing their source code so that I know it is safe to use. Also ProFTPD
has a number of security features (DenyFilter for example) that make it much
much harder for an attacker to get in (for example I block the % char on all
my ftp servers, a lot of the remote exploits need to be able to pass that to
work).

NcFTPD is however pretty damn fast, but proftpd is used on sourceforge and
some other pretty major sites (ftp.turbolinux.com for example) and in
general has no problem keeping up with load.

>
> greetz
>
> Stefan

-Kurt

---------------------------------------------------------------------
To unsubscribe, e-mail: suse-security-unsubscribesuse.com
For additional commands, e-mail: suse-security-helpsuse.com