On Sat, 7 Oct 2000, semat wrote:
Well if I remeber well there was also a security advisory recently about proftp and how remote users could gain root priviledges. I think so far the only one that hasn't had any has been the one from Openbsd it comes with suse. try it out.
There was a security advisory about just about every ftp daemon, with all this format string s*** going around. The latest release of proftpd is supposed to be safe, and it's pretty good. Anyone using wuftpd after about 9 straight years of continual holes is probably suicidal (that brings to mind, is it still DeadRat's default ftp package? You do the math ;-)) If you need fast and safe (anonymous) ftp though, look af ncftpd (www.ncftp.com). Unfortunately not open source, but the best ftp daemon I know. If you're an educational site you can get it free, if you only need 3 concurrent users it's free as well. greetz Stefan
========================================== Stefan Suurmeijer Network Specialist University of Groningen tel: (++31) 50 363 3423 fax: (++31) 50 363 7272 E-mail (business): s.m.suurmeijer@rc.rug.nl E-mail (private): stefan@symbolica.nl ========================================== Quidquid id est, timeo Microsoftum et dona ferentis (Whatever it is, I fear Microsoft, even when they are bringing gifts) Who is General Failure, and why is he reading my harddisk?