Which FTP daemon for Linux is currently the one with least security holes? Morsal
Which FTP daemon for Linux is currently the one with least security holes?
wuftpd-2.4.2, which is installed as /usr/sbin/wu.ftpd in the SuSE wuftpd.rpm package. After Thomas' audit a long while ago, it hasn't had any security related problem any more.
Morsal
Roman. -- - - | Roman Drahtmüller <draht@suse.de> // "Caution: Cape does | SuSE GmbH - Security Phone: // not enable user to fly." | Nürnberg, Germany +49-911-740530 // (Batman Costume warning label) | - -
Pardon me for jumping in, but I cannot believe that you really recommend using wuftpd, have a look at http://www.heise.de/newsticker/result.xhtml?url=/newsticker/data/ju-26.06.00..., IMHO wuftpd is the ftp daemon with the most security holes in it's long history. Personally I would not use it on a new install, I'd prefer Proftpd (which is also deliverd with Suse Linux). Roman Drahtmueller wrote:
Which FTP daemon for Linux is currently the one with least security holes?
wuftpd-2.4.2, which is installed as /usr/sbin/wu.ftpd in the SuSE wuftpd.rpm package. After Thomas' audit a long while ago, it hasn't had any security related problem any more.
Morsal
Roman. -- - - | Roman Drahtmüller <draht@suse.de> // "Caution: Cape does | SuSE GmbH - Security Phone: // not enable user to fly." | Nürnberg, Germany +49-911-740530 // (Batman Costume warning label) | - -
--------------------------------------------------------------------- To unsubscribe, e-mail: suse-security-unsubscribe@suse.com For additional commands, e-mail: suse-security-help@suse.com
ProFTPD also has a lot of root hacks. It desperately needs to stop and audit itself. If you want secuerity I'd reccomend vsftpd. It was designed to be secure. Kurt Seifried, seifried@securityportal.com Securityportal - your focal point for security on the 'net ----- Original Message ----- From: "Gerd Bitzer" <gerd.bitzer@tesion.de> To: "Roman Drahtmueller" <draht@suse.de> Cc: "Morsal Roudbay" <morsal@swipnet.se>; <suse-security@suse.com> Sent: Wednesday, April 04, 2001 12:09 AM Subject: Re: [suse-security] FTP daemons
Kurt, do u have a link to the vsftpd site? Thanks. ----- Original Message ----- From: "Kurt Seifried" <listuser@seifried.org> To: "Gerd Bitzer" <gerd.bitzer@tesion.de>; "Roman Drahtmueller" <draht@suse.de> Cc: "Morsal Roudbay" <morsal@swipnet.se>; <suse-security@suse.com> Sent: Wednesday, April 04, 2001 8:36 AM Subject: Re: [suse-security] FTP daemons
ProFTPD also has a lot of root hacks. It desperately needs to stop and audit itself. If you want secuerity I'd reccomend vsftpd. It was designed to be secure.
Kurt Seifried, seifried@securityportal.com Securityportal - your focal point for security on the 'net
----- Original Message ----- From: "Gerd Bitzer" <gerd.bitzer@tesion.de> To: "Roman Drahtmueller" <draht@suse.de> Cc: "Morsal Roudbay" <morsal@swipnet.se>; <suse-security@suse.com> Sent: Wednesday, April 04, 2001 12:09 AM Subject: Re: [suse-security] FTP daemons
On Wed, 4 Apr 2001, Morsal Roudbay wrote:
Kurt, do u have a link to the vsftpd site? Thanks. vsftpd from Chris can be found at ftp://ferret.lmh.ox.ac.uk/pub/linux/
best regards, Rainer Link -- Rainer Link | SuSE - The Linux Experts link@suse.de | Developer of A Mail Virus Scanner (amavis.org) www.suse.de | Founder OpenAntiVirus Project (www.openantivirus.org)
ftp://ferret.lmh.ox.ac.uk/pub/linux/vsftpd-0.0.15.tar.gz I installed it on our server this morning during a break in the training I'm doing - very easy to install and configure product :) ---------------------------------- E-Mail: Bjoern Engels <bengels@lanworks.de> Date: 04-Apr-01 Time: 15:04:33 This message was sent by XFMail ----------------------------------
On Wed, Apr 04, 2001 at 12:36:51AM -0600, Kurt Seifried wrote:
ProFTPD also has a lot of root hacks. It desperately needs to stop and audit itself. If you want secuerity I'd reccomend vsftpd. It was designed to be secure.
:-) Someone of you who uses the libra ftpd? http://libraftp.narod.ru Is it to be considered secure? Thanks, Anibal
On 04-Apr-01 Gerd Bitzer wrote:
Personally I would not use it on a new install, I'd prefer Proftpd (which is also deliverd with Suse Linux).
But I wouldn't use the package that is shipped with SuSE Linux, try a "ls */../*/../*/../*/../*/../*/../*/../*", switch to a second console and watch your memory going ->> 0 bytes if you don't kill -9 the proftpd process... proftpd-1.2.2rc2 (I hope I got the right version in mind) fixed that. ---------------------------------- E-Mail: Bjoern Engels <bengels@lanworks.de> Date: 04-Apr-01 Time: 08:36:28 This message was sent by XFMail ----------------------------------
On 4 Apr 2001, at 8:40, Bjoern Engels wrote:
But I wouldn't use the package that is shipped with SuSE Linux, try a "ls */../*/../*/../*/../*/../*/../*/../*", switch to a second console and watch your memory going ->> 0 bytes if you don't kill -9 the proftpd process... proftpd-1.2.2rc2 (I hope I got the right version in mind) fixed that.
Hi, that specific problem can be solved by maskeradind some characters in proftpd.conf. It was mentioned on the proftpd ML and can be found in the archives. HTH mike
but I cannot believe that you really recommend using wuftpd, have a look at http://www.heise.de/newsticker/result.xhtml?url=/newsticker/data/ju-26.06.00..., IMHO wuftpd is the ftp daemon with the most security holes in it's long history. Personally I would not use it on a new install, I'd prefer Proftpd (which is also deliverd with Suse Linux).
Although we must learn from the past, I still think that the CURRENT security issues of a package are more important than the amount or severity of security holes that have already been fixed over the past couple of years. As Roman said:
After Thomas' audit a long while ago, it hasn't had any security related problem any more.
If you want a secure system today, then take whatever software is the best in that respect today. Cheers! Yuri.
Thanks for your opinion Gerd. I was actually also thinking that Wu-FTPd would have many security holes considering it's dark history. I personally use ProFTPd and I read it's supposed to be one of the most secure. ----- Original Message ----- From: "Gerd Bitzer" <gerd.bitzer@tesion.de> To: "Roman Drahtmueller" <draht@suse.de> Cc: "Morsal Roudbay" <morsal@swipnet.se>; <suse-security@suse.com> Sent: Wednesday, April 04, 2001 8:09 AM Subject: Re: [suse-security] FTP daemons
Pardon me for jumping in,
but I cannot believe that you really recommend using wuftpd, have a look at
http://www.heise.de/newsticker/result.xhtml?url=/newsticker/data/ju-26.06.00 -000,
IMHO wuftpd is the ftp daemon with the most security holes in it's long history. Personally I would not use it on a new install, I'd prefer Proftpd (which is also deliverd with Suse Linux).
Roman Drahtmueller wrote:
Which FTP daemon for Linux is currently the one with least security
holes?
wuftpd-2.4.2, which is installed as /usr/sbin/wu.ftpd in the SuSE wuftpd.rpm package. After Thomas' audit a long while ago, it hasn't had any security related problem any more.
Morsal
Roman. --
-
| Roman Drahtmüller <draht@suse.de> // "Caution: Cape does | SuSE GmbH - Security Phone: // not enable user to fly." | Nürnberg, Germany +49-911-740530 // (Batman Costume warning label) |
-
--------------------------------------------------------------------- To unsubscribe, e-mail: suse-security-unsubscribe@suse.com For additional commands, e-mail: suse-security-help@suse.com
Or you have a look at the vsftpd, which was recommended by Kurt Seifried. I think his judgement could be trusted, I dont know it, have never read about it. Morsal Roudbay wrote:
Thanks for your opinion Gerd. I was actually also thinking that Wu-FTPd would have many security holes considering it's dark history. I personally use ProFTPd and I read it's supposed to be one of the most secure.
----- Original Message ----- From: "Gerd Bitzer" <gerd.bitzer@tesion.de> To: "Roman Drahtmueller" <draht@suse.de> Cc: "Morsal Roudbay" <morsal@swipnet.se>; <suse-security@suse.com> Sent: Wednesday, April 04, 2001 8:09 AM Subject: Re: [suse-security] FTP daemons
Pardon me for jumping in,
but I cannot believe that you really recommend using wuftpd, have a look at
http://www.heise.de/newsticker/result.xhtml?url=/newsticker/data/ju-26.06.00 -000,
IMHO wuftpd is the ftp daemon with the most security holes in it's long history. Personally I would not use it on a new install, I'd prefer Proftpd (which is also deliverd with Suse Linux).
Roman Drahtmueller wrote:
Which FTP daemon for Linux is currently the one with least security
holes?
wuftpd-2.4.2, which is installed as /usr/sbin/wu.ftpd in the SuSE wuftpd.rpm package. After Thomas' audit a long while ago, it hasn't had any security related problem any more.
Morsal
Roman. --
-
| Roman Drahtmüller <draht@suse.de> // "Caution: Cape does | SuSE GmbH - Security Phone: // not enable user to fly." | Nürnberg, Germany +49-911-740530 // (Batman Costume warning label) |
-
--------------------------------------------------------------------- To unsubscribe, e-mail: suse-security-unsubscribe@suse.com For additional commands, e-mail: suse-security-help@suse.com
On Wed, 4 Apr 2001, Morsal Roudbay wrote:
From: Morsal Roudbay <morsal@swipnet.se> To: Gerd Bitzer <gerd.bitzer@tesion.de>, Roman Drahtmueller <draht@suse.de> Cc: suse-security@suse.com Date: Wed, 4 Apr 2001 14:58:53 +0200 Subject: Re: [suse-security] FTP daemons
Hi Morsal,
Thanks for your opinion Gerd. I was actually also thinking that Wu-FTPd would have many security holes considering it's dark history. I personally use ProFTPd and I read it's supposed to be one of the most secure.
I'd be grateful if you could point me to the source where you got that information from. We've been running proftpd on ftp.suse.com. This server counts as a high volume ftp server in both the transferred data, the number of sessions/day and the number of bytes transferred per session. We've come to the conclusion that proftpd doesn't scale above a limit of about 300 concurrent users and that the memory leaks make the daemon unuseable in standalone mode. The lack of scalability is caused by an enormous system call overhead that is a result of every deamon checking the health of _all_ other daemons by killing _all_ of them using signal SIGCONT. I've fixed this, along with some format string parsing bugs and another performance issue, but it didn't help, it's still too hungry. One of the primary reasons that made us try proftpd was the feature that limits the number of connections per IP. Basically, we wanted the rate-limiting stuff as well, but the resulting syscall overhead would have killed the fastest machine. We've now gone back to wuftpd in combination with xinetd. The one that you find in the wuftpd.rpm package, residing in /usr/sbin/wu.ftpd, is the good old 2.4 release that comes with a set of patches against all known vulerabilites (/usr/sbin/wu.ftpd-2.6 is the new one). Some of these patches are a result of an extensive audit by Thomas Biege back in 1999 (IIRC), and no problem has turned up ever since. I've enhanced the daemon that we use right now with a rate limiter. It's only a few lines of code, if you want to take a look at it go to ftp://ftp.suse.com/pub/people/draht/7.0/, get the source rpm and take a look at the patch there, called something like "bwlimit". At full load with currently 650 users the server's (a single processor machine) load is below 1.0, the machine is 75% idle after 14 days of rock solid uptime. Regards, Roman. -- - - | Roman Drahtmüller <draht@suse.de> "Caution: Cape does not | SuSE GmbH - Security enable user to fly." | Nürnberg, Germany (Batman Costume warning label) | - -
Hello Roman, I cant really remember when I read it but there were actually several sources. I guess things can change fast. :-) Nice of you to point out all this and I take your word. Right now I use ProFTPd and it's been working well but my load is around 6 connections, nothing compared to the SuSE ftp server. My server has been running very smoothly (SuSE 7.0) and has now been up for 62 days straight. I will try out the latest wu-ftpd tarball next week and see how that goes, but for me security comes first, not performance. I was wondering, would it be more secure to use qmail for my SMTP server or is sendmail ok? Again I read from several sources so it's hard to tell which one is right, I'm sure u understand what I mean. :) /Morsal ----- Original Message ----- From: "Roman Drahtmueller" <draht@suse.de> To: "Morsal Roudbay" <morsal@swipnet.se> Cc: <suse-security@suse.com> Sent: Wednesday, April 04, 2001 5:35 PM Subject: Re: [suse-security] FTP daemons On Wed, 4 Apr 2001, Morsal Roudbay wrote:
From: Morsal Roudbay <morsal@swipnet.se> To: Gerd Bitzer <gerd.bitzer@tesion.de>, Roman Drahtmueller <draht@suse.de> Cc: suse-security@suse.com Date: Wed, 4 Apr 2001 14:58:53 +0200 Subject: Re: [suse-security] FTP daemons
Hi Morsal,
Thanks for your opinion Gerd. I was actually also thinking that Wu-FTPd would have many security holes considering it's dark history. I personally use ProFTPd and I read it's supposed to be one of the most secure.
I'd be grateful if you could point me to the source where you got that information from. We've been running proftpd on ftp.suse.com. This server counts as a high volume ftp server in both the transferred data, the number of sessions/day and the number of bytes transferred per session. We've come to the conclusion that proftpd doesn't scale above a limit of about 300 concurrent users and that the memory leaks make the daemon unuseable in standalone mode. The lack of scalability is caused by an enormous system call overhead that is a result of every deamon checking the health of _all_ other daemons by killing _all_ of them using signal SIGCONT. I've fixed this, along with some format string parsing bugs and another performance issue, but it didn't help, it's still too hungry. One of the primary reasons that made us try proftpd was the feature that limits the number of connections per IP. Basically, we wanted the rate-limiting stuff as well, but the resulting syscall overhead would have killed the fastest machine. We've now gone back to wuftpd in combination with xinetd. The one that you find in the wuftpd.rpm package, residing in /usr/sbin/wu.ftpd, is the good old 2.4 release that comes with a set of patches against all known vulerabilites (/usr/sbin/wu.ftpd-2.6 is the new one). Some of these patches are a result of an extensive audit by Thomas Biege back in 1999 (IIRC), and no problem has turned up ever since. I've enhanced the daemon that we use right now with a rate limiter. It's only a few lines of code, if you want to take a look at it go to ftp://ftp.suse.com/pub/people/draht/7.0/, get the source rpm and take a look at the patch there, called something like "bwlimit". At full load with currently 650 users the server's (a single processor machine) load is below 1.0, the machine is 75% idle after 14 days of rock solid uptime. Regards, Roman. -- - - | Roman Drahtmüller <draht@suse.de> "Caution: Cape does not | SuSE GmbH - Security enable user to fly." | Nürnberg, Germany (Batman Costume warning label) | - -
"Morsal Roudbay" <morsal@swipnet.se> wrote:
[...] I was wondering, would it be more secure to use qmail for my SMTP server or is sendmail ok? Again I read from several sources so it's hard to tell which one is right, I'm sure u understand what I mean. :)
Have a look at postfix (http://www.postfix.org). Probably the most secure of them three. -- __Pascal_Bourguignon__ (o_ Software patents are endangering () ASCII ribbon against html email //\ the computer industry all around /\ and Microsoft attachments. V_/ the world http://lpf.ai.mit.edu/ 1962:DO20I=1.100 2001:my($f)=`fortune`; http://petition.eurolinux.org/
I wouldn't agree that Postfix is more secure than Qmail. In fact, Mr. Bernstein (the creator of qmail has a bit about just that on his web site at http://cr.yp.to/qmail/warfield.html). I originally ran sendmail, then switched to postfix. It was nice, I personally had no problems with it and found it quite simple to set up and maintain (my uses are not that complex). When I went to implement the ArsDigita Community System (http://www.arsdigita.com/products), the recommended the use of qmail, esp. to use their webmail package. So I switched. Qmail may be slightly more complex than Postfix to set up, but I have found it to be extremely stable, and I have not found any documented evidence of any security problems. You may read over the http://cr.yp.to web site at bit. --- "Pascal J. Bourguignon" <pjb@imaginet.fr> wrote:
"Morsal Roudbay" <morsal@swipnet.se> wrote:
[...] I was wondering, would it be more secure to use qmail for my SMTP server or is sendmail ok? Again I read from several sources so it's hard to tell which one is right, I'm sure u understand what I mean. :)
Have a look at postfix (http://www.postfix.org). Probably the most secure of them three.
-- __Pascal_Bourguignon__ (o_ Software patents are endangering () ASCII ribbon against html email //\ the computer industry all around /\ and Microsoft attachments. V_/ the world http://lpf.ai.mit.edu/ 1962:DO20I=1.100 2001:my($f)=`fortune`; http://petition.eurolinux.org/
--------------------------------------------------------------------- To unsubscribe, e-mail: suse-security-unsubscribe@suse.com For additional commands, e-mail: suse-security-help@suse.com
__________________________________________________ Do You Yahoo!? Get email at your own domain with Yahoo! Mail. http://personal.mail.yahoo.com/
On Wed, 4 Apr 2001, Jason P. Stanford wrote:
I wouldn't agree that Postfix is more secure than Qmail. In fact, Mr. Bernstein (the creator of qmail has a bit about just that on his web site at http://cr.yp.to/qmail/warfield.html).
Please note that despite Mr. Bernstein's coding skills his paranoia and reliance on personal attacks instead of logic make him a less then trustworthy reviewer of other people's work. Qmail may or may not be more secure than Postfix, but I wouldn't trust his opinion on the topic as far as I could throw the printed copies of all the mail the two packages have delivered - he's simply incapable of being fair on this topic. Both Postfix and Qmail are currently thought to be secure, both are good choices for an SMTP server regardless of what Mr. Bernstein would like to believe. Jonathan Conway rise@knavery.net
And Sendmail is insecure or is that the _thought_? Regards, Jon On Wed, 4 Apr 2001, rise wrote:
On Wed, 4 Apr 2001, Jason P. Stanford wrote:
I wouldn't agree that Postfix is more secure than Qmail. In fact, Mr. Bernstein (the creator of qmail has a bit about just that on his web site at http://cr.yp.to/qmail/warfield.html).
Please note that despite Mr. Bernstein's coding skills his paranoia and reliance on personal attacks instead of logic make him a less then trustworthy reviewer of other people's work. Qmail may or may not be more secure than Postfix, but I wouldn't trust his opinion on the topic as far as I could throw the printed copies of all the mail the two packages have delivered - he's simply incapable of being fair on this topic. Both Postfix and Qmail are currently thought to be secure, both are good choices for an SMTP server regardless of what Mr. Bernstein would like to believe.
Jonathan Conway rise@knavery.net
--------------------------------------------------------------------- To unsubscribe, e-mail: suse-security-unsubscribe@suse.com For additional commands, e-mail: suse-security-help@suse.com
On Wed, 4 Apr 2001 marsaro@interearth.com wrote:
And Sendmail is insecure or is that the _thought_?
Actually I run sendmail and believe it to be reasonably secure. Since the message I replied to was in regards to Qmail vs. Postfix I only addressed that issue. At this point I recommend Postfix to friends who're setting up a low volume/low maintanence mail server and lack experience with any of the three - mainly for it's ease of use. I run sendmail because I have more experience with it, it's better integrated into SuSE 7.0, and I happen to like Turing-complete configuration languages*. Of course I also thought it was fun to implement a Turing machine in T-SQL so my view of reality is known to be skewed. Jonathan Conway rise@knavery.net * For all I know Postfix and Qmail also have Turing-complete configuration - it just doesn't look like it to a cursory inspection.
Yes, I felt that Sendmail too was difficult to setup but then just learned it and with m4 macros, come on, it is really easy. Simple uses at home/small server, yes, SuSE has all that in Yast and this just sets the m4's anyway. The new Sendmail 8.11 really has feature for large scale.....but hey...I am using PostFIX too...just thought that there is an awful lot of Sendmail bad vibes.... Regards, Jon On Wed, 4 Apr 2001, rise wrote:
On Wed, 4 Apr 2001 marsaro@interearth.com wrote:
And Sendmail is insecure or is that the _thought_?
Actually I run sendmail and believe it to be reasonably secure. Since the message I replied to was in regards to Qmail vs. Postfix I only addressed that issue. At this point I recommend Postfix to friends who're setting up a low volume/low maintanence mail server and lack experience with any of the three - mainly for it's ease of use. I run sendmail because I have more experience with it, it's better integrated into SuSE 7.0, and I happen to like Turing-complete configuration languages*. Of course I also thought it was fun to implement a Turing machine in T-SQL so my view of reality is known to be skewed.
Jonathan Conway rise@knavery.net
* For all I know Postfix and Qmail also have Turing-complete configuration - it just doesn't look like it to a cursory inspection.
--------------------------------------------------------------------- To unsubscribe, e-mail: suse-security-unsubscribe@suse.com For additional commands, e-mail: suse-security-help@suse.com
"Jason P. Stanford" <rusticitas@yahoo.com> wrote:
I wouldn't agree that Postfix is more secure than Qmail. In fact, Mr. Bernstein (the creator of qmail has a bit about just that on his web site at http://cr.yp.to/qmail/warfield.html).
I originally ran sendmail, then switched to postfix. It was nice, I personally had no problems with it and found it quite simple to set up and maintain (my uses are not that complex). When I went to implement the ArsDigita Community System (http://www.arsdigita.com/products), the recommended the use of qmail, esp. to use their webmail package. So I switched. Qmail may be slightly more complex than Postfix to set up, but I have found it to be extremely stable, and I have not found any documented evidence of any security problems. You may read over the http://cr.yp.to web site at bit.
Thank you for the pointers. An objective comparison of the current state of these MTA is probably in order.
--- "Pascal J. Bourguignon" <pjb@imaginet.fr> wrote:
"Morsal Roudbay" <morsal@swipnet.se> wrote:
[...] I was wondering, would it be more secure to use qmail for my SMTP server or is sendmail ok? Again I read from several sources so it's hard to tell which one is right, I'm sure u understand what I mean. :)
Have a look at postfix (http://www.postfix.org). Probably the most secure of them three.
-- __Pascal_Bourguignon__ (o_ Software patents are endangering () ASCII ribbon against html email //\ the computer industry all around /\ and Microsoft attachments. V_/ the world http://lpf.ai.mit.edu/ 1962:DO20I=1.100 2001:my($f)=`fortune`; http://petition.eurolinux.org/
Hi Pascal, I know we had the discossion some times ago. Do you know anything about actual (!) security flaws of sendmail? And if not - why should postfix be more secure? (See discussion of "secure" FTP daemons) Regards Ralf
"Morsal Roudbay" <morsal@swipnet.se> wrote:
[...] I was wondering, would it be more secure to use qmail for my SMTP server or is sendmail ok? Again I read from several sources so it's hard to tell which one is right, I'm sure u understand what I mean. :)
Have a look at postfix (http://www.postfix.org). Probably the most secure of them three.
-- __Pascal_Bourguignon__ (o_ Software patents are endangering () ASCII ribbon against html email //\ the computer industry all around /\ and Microsoft attachments. V_/ the world http://lpf.ai.mit.edu/ 1962:DO20I=1.100 2001:my($f)=`fortune`; http://petition.eurolinux.org/
--------------------------------------------------------------------- To unsubscribe, e-mail: suse-security-unsubscribe@suse.com For additional commands, e-mail: suse-security-help@suse.com
* * Ralf 'coko' Koch * mailto:info@formel4.de * --- Gute Nachricht: Windows 2000 ist 100% kompatibel. Die weltweit besten Forscher suchen nur noch, womit.
Hi, My 2cents....it is true Sendmail (like others) had security fixes in the past....but I would say the product is the most extensible mailer out there...in fact the features on 8.11 are incredible IMHO....have a good look at sendmail.org. If you are doing very high volume and need multi-queues....crypto and stuff Sendmail has all this and the large install base keeps the theme of opensource pays for security accountability. Regards, Jon On Wed, 4 Apr 2001, Ralf Koch wrote:
Hi Pascal,
I know we had the discossion some times ago. Do you know anything about actual (!) security flaws of sendmail? And if not - why should postfix be more secure? (See discussion of "secure" FTP daemons)
Regards
Ralf
"Morsal Roudbay" <morsal@swipnet.se> wrote:
[...] I was wondering, would it be more secure to use qmail for my SMTP server or is sendmail ok? Again I read from several sources so it's hard to tell which one is right, I'm sure u understand what I mean. :)
Have a look at postfix (http://www.postfix.org). Probably the most secure of them three.
-- __Pascal_Bourguignon__ (o_ Software patents are endangering () ASCII ribbon against html email //\ the computer industry all around /\ and Microsoft attachments. V_/ the world http://lpf.ai.mit.edu/ 1962:DO20I=1.100 2001:my($f)=`fortune`; http://petition.eurolinux.org/
--------------------------------------------------------------------- To unsubscribe, e-mail: suse-security-unsubscribe@suse.com For additional commands, e-mail: suse-security-help@suse.com
* * Ralf 'coko' Koch * mailto:info@formel4.de * --- Gute Nachricht: Windows 2000 ist 100% kompatibel. Die weltweit besten Forscher suchen nur noch, womit.
--------------------------------------------------------------------- To unsubscribe, e-mail: suse-security-unsubscribe@suse.com For additional commands, e-mail: suse-security-help@suse.com
Ralf Koch <info@formel4.de> wrote:
I know we had the discossion some times ago. Do you know anything about actual (!) security flaws of sendmail? And if not - why should postfix be more secure? (See discussion of "secure" FTP daemons)
Well, I'm not up to date with the latest releases of sendmail (when I left it for postfix, two years ago, a buffer-overflow bug had been discovered in its then current version), but while the probability to encounter a buffer-overflow bug in general C software such as sendmail is quite high (2/3 ?), postfix has been programmed from the start with special considerations to all these kind of security-related problems, and while I've only browsed lightly the code of postfix, it's programmed in a way that make the probability of one of these dreadfull buffer overflow bug very low. The fact that it's very modula, with several subprocesses, neither of them running as root (postfix would refuse to run as root), implies that if ever there should be a problem, it would be confined to a small part of postfix. Each processes (and even some internal functions) do constantly validate the data it gets from the other parts of postfix or from the exterior world. -- __Pascal_Bourguignon__ (o_ Software patents are endangering () ASCII ribbon against html email //\ the computer industry all around /\ and Microsoft attachments. V_/ the world http://lpf.ai.mit.edu/ 1962:DO20I=1.100 2001:my($f)=`fortune`; http://petition.eurolinux.org/
On Wed, Apr 04, 2001 at 09:37:52PM +0100, Ralf Koch wrote:
Hi Pascal,
I know we had the discossion some times ago. Do you know anything about actual (!) security flaws of sendmail? And if not - why should postfix be more secure? (See discussion of "secure" FTP daemons)
No, probably there aren't any actual known sendmail security problems with the most recent versions. There was a serious effort to clean up the code and it might actually be secure now. But, it is a large, complicated program with a lengthy and lousy security history. And it runs as root. These are all bad signs. There's simply no way to know when a given fix will be the last one needed, so if, as I suspect, you're insisting on hard evidence, you're not going to find it until it's too late, i.e. an exploit has been found. It has often been the case that the security history of a program has been useful in predicting the likelihood of future security problems. BIND-8 is a classic example. On the other hand, Dan Bernstein puts his money where his mouth is, offering a $500 reward to anyone who can find a vulnerability in qmail (or djbdns). To my knowledge, this has never been collected. I find this very comforting. -- David Benfell benfell@parts-unknown.org --- SuSE, qmail, ezmlm, and much much more... Hire me!
Hello Roman, I cant really remember when I read it but there were actually several sources. I guess things can change fast. :-)
Nice of you to point out all this and I take your word. Right now I use ProFTPd and it's been working well but my load is around 6 connections, nothing compared to the SuSE ftp server. My server has been running very smoothly (SuSE 7.0) and has now been up for 62 days straight. I will try out the latest wu-ftpd tarball next week and see how that goes, but for me security comes first, not performance.
Well, 6 is nothing... :-) 600 is mid-range, and you notice the overhead at around 60-100, depending on your hardware. Basically, I find that a PII-350 should do the job sufficiently, provided that there's enough RAM (384-1G) and disks with extremely fast seek times. Just as a reminder: in the SuSE package, the /usr/sbin/wu.ftpd is the old one, _not_ the 2.6 version. I'm not really sure if I can (security-wise) recommend the 2.6 version...
I was wondering, would it be more secure to use qmail for my SMTP server or is sendmail ok? Again I read from several sources so it's hard to tell which one is right, I'm sure u understand what I mean. :)
/Morsal We should open a different thread.
Roman. -- - - | Roman Drahtmüller <draht@suse.de> "Caution: Cape does not | SuSE GmbH - Security enable user to fly." | Nürnberg, Germany (Batman Costume warning label) | - -
Hello Roman, do you (or anybody else in this list) know what kind of ftp Serversoftware is running on ftp.cdrom.com ? It's told that this site is the biggest ftp Server worldwide (3000 simultan connections on a machine with one CPU) Gerd Roman Drahtmueller wrote:
Hello Roman, I cant really remember when I read it but there were actually several sources. I guess things can change fast. :-)
Nice of you to point out all this and I take your word. Right now I use ProFTPd and it's been working well but my load is around 6 connections, nothing compared to the SuSE ftp server. My server has been running very smoothly (SuSE 7.0) and has now been up for 62 days straight. I will try out the latest wu-ftpd tarball next week and see how that goes, but for me security comes first, not performance.
Well, 6 is nothing... :-) 600 is mid-range, and you notice the overhead at around 60-100, depending on your hardware. Basically, I find that a PII-350 should do the job sufficiently, provided that there's enough RAM (384-1G) and disks with extremely fast seek times.
Just as a reminder: in the SuSE package, the /usr/sbin/wu.ftpd is the old one, _not_ the 2.6 version. I'm not really sure if I can (security-wise) recommend the 2.6 version...
I was wondering, would it be more secure to use qmail for my SMTP server or is sendmail ok? Again I read from several sources so it's hard to tell which one is right, I'm sure u understand what I mean. :)
/Morsal We should open a different thread.
Roman. -- - - | Roman Drahtmüller <draht@suse.de> "Caution: Cape does not | SuSE GmbH - Security enable user to fly." | Nürnberg, Germany (Batman Costume warning label) | - -
--------------------------------------------------------------------- To unsubscribe, e-mail: suse-security-unsubscribe@suse.com For additional commands, e-mail: suse-security-help@suse.com
Hello Roman,
do you (or anybody else in this list) know what kind of ftp Serversoftware is running on ftp.cdrom.com ? It's told that this site is the biggest ftp Server worldwide (3000 simultan connections on a machine with one CPU)
Gerd
Roman Drahtmueller wrote:
Hello Roman, I cant really remember when I read it but there were actually several sources. I guess things can change fast. :-)
Nice of you to point out all this and I take your word. Right now I use ProFTPd and it's been working well but my load is around 6 connections, nothing compared to the SuSE ftp server. My server has been running very smoothly (SuSE 7.0) and has now been up for 62 days straight. I will
the latest wu-ftpd tarball next week and see how that goes, but for me security comes first, not performance.
Well, 6 is nothing... :-) 600 is mid-range, and you notice the overhead at around 60-100, depending on your hardware. Basically, I find that a PII-350 should do the job sufficiently, provided that there's enough RAM (384-1G) and disks with extremely fast seek times.
Just as a reminder: in the SuSE package, the /usr/sbin/wu.ftpd is the
I dont know which software they run but when it comes to hardware they use Intel NICs. :) ----- Original Message ----- From: "Gerd Bitzer" <gerd.bitzer@tesion.de> To: "Roman Drahtmueller" <draht@suse.de> Cc: "Morsal Roudbay" <morsal@swipnet.se>; <suse-security@suse.com> Sent: Thursday, April 05, 2001 1:20 PM Subject: Re: [suse-security] FTP daemons try out old
one, _not_ the 2.6 version. I'm not really sure if I can (security-wise) recommend the 2.6 version...
I was wondering, would it be more secure to use qmail for my SMTP server or is sendmail ok? Again I read from several sources so it's hard to tell which one is right, I'm sure u understand what I mean. :)
/Morsal We should open a different thread.
Roman. -- - - | Roman Drahtmüller <draht@suse.de> "Caution: Cape does not | SuSE GmbH - Security enable user to fly." | Nürnberg, Germany (Batman Costume warning label) | - -
--------------------------------------------------------------------- To unsubscribe, e-mail: suse-security-unsubscribe@suse.com For additional commands, e-mail: suse-security-help@suse.com
Hello, Gerd Bitzer wrote:
do you (or anybody else in this list) know what kind of ftp Serversoftware is running on ftp.cdrom.com ?
The server "ftp.cdrom.com" announces itself as: | Connected to 216.17.74.242. | 220 wcarchive.cdrom.com FTP server (Version DG-4.1.73 983302105) | ready. | Name (ftp.cdrom.com:steffen): ftp | 331 Guest login ok, send your email address as password. | Password: | 230-Welcome to ftp.cdrom.com, a service of Digital River, Inc. | 230-There are currently 546 users out of 3000 possible. | 230- | 230-This machine is a Xeon/500 with 4GB of memory & 1/2 terabyte of | RAID 5. | 230-The operating system is FreeBSD. Should you wish to get your own | copy of | 230-FreeBSD, please visit http://www.freebsd.org for more | information. "DG-4.1.73" seems to be a special "ftp-daemon" made by David Greenman which is AFAIK not released to the public. You can find further information here: http://www.bsdtoday.com/2000/October/News296.html Best regards, Steffen
participants (16)
-
Anibal Vasquez -
Bjoern Engels -
David Benfell -
Gerd Bitzer -
Jason P. Stanford -
Kurt Seifried -
marsaro@interearth.com -
Morsal Roudbay -
Pascal J. Bourguignon -
Rainer Link -
Ralf Koch -
rise -
Roman Drahtmueller -
Steffen Moser -
Thomas Michael Wanka -
Yuri Robbers