Re: Good, secure FTP daemons that don't need real user accounts
From: Sematimba Noah K (ksemat@wawa.eahd.or.ug)Date: 08/04/01
- Previous message: Murat Koc: "Re: How to bypass /etc/passwd's shell"
- In reply to: Seth Arnold: "Re: Good, secure FTP daemons that don't need real user accounts"
- Next in thread: Nate Pinchot: "RE: Good, secure FTP daemons that don't need real user accounts"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Sat, 4 Aug 2001 11:19:34 +0300 (EAT) From: Sematimba Noah K <ksemat@wawa.eahd.or.ug> To: Seth Arnold <sarnold@wirex.com> Subject: Re: Good, secure FTP daemons that don't need real user accounts Message-ID: <Pine.LNX.4.30.0108041117080.2057-100000@spice.eahd.or.ug>
> As far as ftp daemons go, I have a hard time suggesting anything except
> OpenBSD's ftpd. It has demonstrated itself to be pretty secure, and is
> probably more than worth the effort to make it work on your platform.
Try vsftpd ( Very Secure Ftpd) it was written with security in mind and
has yet to have any vulnerabilities. Infact it was not vulnerable to the
glob() vulnerability that affected even the openbsd ftp daemon.
Noah.
- Previous message: Murat Koc: "Re: How to bypass /etc/passwd's shell"
- In reply to: Seth Arnold: "Re: Good, secure FTP daemons that don't need real user accounts"
- Next in thread: Nate Pinchot: "RE: Good, secure FTP daemons that don't need real user accounts"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
