Re: IPFW almost works now.

From: Crist Clark (crist.clark@globalstar.com)
Date: 06/13/01


Date: Tue, 12 Jun 2001 22:26:13 -0700
From: "Crist Clark" <crist.clark@globalstar.com>
To: Jamie Norwood <mistwolf@mushhaven.net>

Jamie Norwood wrote:
>
> On Tue, Jun 12, 2001 at 04:56:37PM -0700, Matt Dillon wrote:
> >
> > If you have to have a web server, and would only also have a ftp
> > server to 'optimize' transfers, I would submit that whatever
> > performance one perceives as having gained from running the ftp
> > server (which I think is Balderdash as well) is offset by the fact
> > that you are now running two pieces of server software that might
> > potentially create a security hazzard rather then one.
> >
> > Since I can't do without my web server, ftpd is the one I turn off.
> >
> > Historically, a plain old Apache with no fancy modules turned on
> > is just as secure... in fact, even more secure... then ftpd. Maybe
> > because web servers focus on read-only stuff whereas ftpd tries to
> > be general purpose read/write/exec/chmod/only-god-knows-what-else.
>
> So how, then, do you propose people upload files, a common use of ftp?

HTTP has POST and PUT. See RFC2616 for all of HTTP 1.1's capabilities.
Compare to RFC0959 for FTP (see section 4.1).

-- 
Crist J. Clark                                Network Security Engineer
crist.clark@globalstar.com                    Globalstar, L.P.
(408) 933-4387                                FAX: (408) 933-4926
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message