Re: Good, secure FTP daemons that don't need real user accounts

From: Sematimba Noah K (ksemat@wawa.eahd.or.ug)
Date: 08/04/01


Date: Sat, 4 Aug 2001 11:19:34 +0300 (EAT)
From: Sematimba Noah K <ksemat@wawa.eahd.or.ug>
To: Seth Arnold <sarnold@wirex.com>
Subject: Re: Good, secure FTP daemons that don't need real user accounts
Message-ID: <Pine.LNX.4.30.0108041117080.2057-100000@spice.eahd.or.ug>


> As far as ftp daemons go, I have a hard time suggesting anything except
> OpenBSD's ftpd. It has demonstrated itself to be pretty secure, and is
> probably more than worth the effort to make it work on your platform.

 Try vsftpd ( Very Secure Ftpd) it was written with security in mind and
has yet to have any vulnerabilities. Infact it was not vulnerable to the
glob() vulnerability that affected even the openbsd ftp daemon.

Noah.



Relevant Pages

  • Re: Pentesting tool - Commercial
    ... I common approach is to do a full test using a lot of tools that address known vulnerabilities, common design flaws and such - in combination with penetration testing tools to sort of false positives and confirm what sort of consequences a breach would have. ... In combination with firewall policy analyzes, looking at the routines surrounding security all the way from development to maintenance you'll have some sort of baseline to work out from when it comes to the level of security. ... I want them to acquire secure software and use it ...
    (Pen-Test)
  • RE: Fwd: Terminal services and remote programs.
    ... "help/about vulnerabilities" that were mentioned here a few days ago. ... TerminalServices and RemoteApp deployments, including ... Need to secure your web apps NOW? ...
    (Pen-Test)
  • RE: Fwd: Terminal services and remote programs.
    ... Our team regularly breaks into Terminal Servers ... Need to secure your web apps NOW? ... Cenzic finds more, "real" vulnerabilities ...
    (Pen-Test)
  • Re: php perl dumb question
    ... "the nominal security benefit isn't worth exploring" is arrogant. ... If your script is secure then it's secure. ... reported vulnerabilities in the first 9 months of 2004 alone. ... >> who thought they had written a secure script. ...
    (comp.lang.php)
  • CanSecWest 2008 Mar 26-28
    ... Cross-Site Scripting Vulnerabilities in Flash Authoring Tools - Rich   ... Secure programming with gcc and glibc - Marcel Holtmann, ... Fuzz by Number - Charlie Miller, Independent Security Evaluators ... Vulnerabilities Die Hard - Kowsik Guruswamy, ...
    (Pen-Test)