Re: IPFW almost works now.

From: Crist Clark (
Date: 06/13/01

Date: Tue, 12 Jun 2001 22:26:13 -0700
From: "Crist Clark" <>
To: Jamie Norwood <>

Jamie Norwood wrote:
> On Tue, Jun 12, 2001 at 04:56:37PM -0700, Matt Dillon wrote:
> >
> > If you have to have a web server, and would only also have a ftp
> > server to 'optimize' transfers, I would submit that whatever
> > performance one perceives as having gained from running the ftp
> > server (which I think is Balderdash as well) is offset by the fact
> > that you are now running two pieces of server software that might
> > potentially create a security hazzard rather then one.
> >
> > Since I can't do without my web server, ftpd is the one I turn off.
> >
> > Historically, a plain old Apache with no fancy modules turned on
> > is just as secure... in fact, even more secure... then ftpd. Maybe
> > because web servers focus on read-only stuff whereas ftpd tries to
> > be general purpose read/write/exec/chmod/only-god-knows-what-else.
> So how, then, do you propose people upload files, a common use of ftp?

HTTP has POST and PUT. See RFC2616 for all of HTTP 1.1's capabilities.
Compare to RFC0959 for FTP (see section 4.1).

Crist J. Clark                                Network Security Engineer                    Globalstar, L.P.
(408) 933-4387                                FAX: (408) 933-4926
To Unsubscribe: send mail to
with "unsubscribe freebsd-security" in the body of the message