On March 24, 2004 10:39, Jim Clarke wrote:
> Any ftp server is going to be insecure when deployed on a mass scale. Using
> any un-encrypted tunnel with any daemon is obviously just silly unless of
> course it would be for a secured intranet only subnet. Wu-ftpd definitely
> having its flaws yes, as most ftp daemons. Sftp is the way to go unless
> you're on a secured subnet period.

i can't agree with this. saying "ftp is insecure, so why not throw in a bunch of buffer overflows too!" is a silly argument. to exploit a clear-text password based system you need to be able to sniff the passwords (hijack traffic), and even then you likely can't get root access. to exploit a buffer overflow (or other security flaw) you don't need any prior knowledge and, in the case of wu-ftpd, this leads to having root access on the machine.

there are also several use cases which are, arguably, valid ones for running the ftp protocol on the public Internet:

a. ftps, which is ftp over SSL and therefore avoids clear-text passwords. this is not the same as sftp, which uses ssh and for which there are fewer clients, especially non-lame command line ones. i'm personally very happy with sftp/scp, but that's because i can go fish://ing.

b. S/Key, which is also more secure. ironically, wu-ftpd has had a few exploits that attack their S/Key support.

c. anonymous ftp. usually i recommend going with http in those cases, but it is a valid use of an ftp server that does not involve passwords and for which there are servers that have a good security track record.

d. inflexible or just plain stupid people. despite being shown the alternatives, the client screams "I WANT FTP" and you, the service provider, relent. now, do you give them something crappy and insecure (wu-ftpd), something that at least doesn't leak root like a sieve (pro- or pureftpd), or do you turn away the client?

--
Aaron J. Seigo
GPG Fingerprint: 8B8B 2209 0C6F 7C47 B1EA EE75 D6B7 2EB1 A7F1 DB43
while (!horse()); cart();

clug-talk mailing list
http://clug.ca/mailman/listinfo/clug-talk_clug.ca

