On Thu, 2002-01-17 at 11:25, Brian Cluff wrote:
> I was speaking from experience with wu-ftpd. I would run out and get the
> latest version of wu whenever they even hinted that there was a problem with
> it and I still got cracked more than once with that stupid daemon.
I agree here, but it does make his point. wu-ftpd is only cracked more
because it is more widely used. And you can install wu-ftpd in such a
way that it doesn't always have root, as well as chroot'ing it, or using
various kernel security enhancements to protect it.
>
> > I wonder if all those preaching switching the
> > standard/supported/maintained ftp daemon for one that will require some
> > effort in updating, linking libraries, security implications etc... why
> > they are still using bind, openssh and other daemons that likewise have
> > a storied history of security advisories?
>
> I use mandrake and by default it installs proftpd. Wu is still available
> for those that have to have it for some reason. So I AM sticking with the
> standard install. Of course I have yet to have a mandrake box cracked at
> all,
That you know of! ;)
--
Blake Barnett (bdb) <blake.barnett@developonline.com>
Sr. Unix Administrator
DevelopOnline.com office: 480-377-6816
Learning is a skill, you get better at it with practice.
(text/plain)