OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
 
Subject: Re: [suse-security] A simple and secure FTPd
From: Kurt Seifried (listuserseifried.org)
Date: Tue Nov 28 2000 - 04:05:08 CST


> currently there's a secure ftp wrapper called safetp:
> http://www.cs.berkeley.edu/~smcpeak/SafeTP/
>
> with that program you can use the ftp server you like more (my choice
> is ncftpd, free for personal use).
> from windog workstation the users can use any ftp client they like:
> acting as proxy this safetp encrypt the ftp password exchange.
>
> IMHO definetivly the lack of groupware tools as a simple (and secure) way
> to share files between users and from users and the rest of the world, the
> lack of acl, and the lack of really automatic way to install machines make

ACL's are somewhat overrated but would be nice. As far as install, RedHat
does Kickstart, one floppy, config can be stored on server making it really
nice, alas no other vendors seem to have this (HINT!).

> the linux boxes administration a nightmare and normally are menace to the
> system security (how many sites are using ssh? many? but there're many
> more with a broken syslogd:-( ).

Hate to break it to you but ANY OS installed out of the box has root hacks
(even OpenBSD). Updates are required, at least with linux we have
autorpm/etc and can easily update from the command line remotely (unlike say
NT, unless you invest in SMS). Have you looked at PiKT? see the LSKB.

>
> best regards,
> antonio cavallo

-Kurt

---------------------------------------------------------------------
To unsubscribe, e-mail: suse-security-unsubscribesuse.com
For additional commands, e-mail: suse-security-helpsuse.com