<sorry, I already deleted the original post and it's not yet in the archives>
To clarify: BOOTP is a broadcast-only protocol TFTP runs over IP, and thus it's perfectly possible to build publicly accessible TFTP-servers. That that's not got anything to do with security is another matter altogether as is that some vendors didn't include the necessary stacks and options with their TFTP-clients. cheers, &rw -- -- In the first place, God made idiots; -- though this was for practice only; -- then he made users. (Mark Twain, modified)
pgpHaF0dkIJ09.pgp
Description: PGP signature