On Wed, 16 Mar 2005 23:35:56 +0000, Kris Kennaway <[EMAIL PROTECTED]> wrote:

> On Wed, Mar 16, 2005 at 06:06:07PM -0500, Danny wrote:
> > With regards to: http://www.daemonology.net/portsnap/
> >
> > Should I be concerned about my servers that use CVSup? Do the FreeBSD
> > gurus refuse to use CVSup, or is this overkill?
>
> Depends on your threat model, i.e. what are you afraid of?
I will respond to your question with a question to hopefully answer both of our questions. :) When is the last time a FreeBSD CVSup server was compromised - if ever?

> If it's something that cvsup doesn't protect against, and portsnap does, then
> use the latter.

Assuming Portsnap protects against and/or overcomes all of CVSup's "limitations":

"# CVSup is insecure. The protocol uses no encryption or signing, and any attacker who can intercept the connection can insert arbitrary data into the tree you are updating.
# CVSup isn't end-to-end. Related to the previous point, this means that anyone who can compromise a CVSup mirror can feed arbitrary data to the people who are using that mirror.
# CVSup isn't designed for frequent small updates. While CVSup is very good at distributing CVS trees, and is very efficient for updating a tree which has been significantly changed (eg, by a month or more of commits), it transmits a list of all the files in the tree, which makes it quite inefficient if only a few files have changed.
# CVSup uses a custom protocol. This can cause problems for people behind firewalls -- outgoing connections on port 5999 need to be permitted -- and it needs a heavyweight server (cvsupd)."

I don't know, it's just that if the FreeBSD org and handbook recommend using CVSup, it can't be that bad?

Thanks Kris,

...D
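The "end-to-end" point in the quoted list, worked through as an added example (not code from this thread, from CVSup or from portsnap itself): a client verifies every file a mirror serves against an index whose hash it obtained from a trusted source, so a compromised mirror cannot substitute files even if it regenerates the index to match. The out-of-band trusted hash stands in for portsnap's signed tag (an assumption of this example); file names and contents are constructed.

```python
import hashlib


def sha256(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


# Constructed publisher-side snapshot: a few tree files and an index that
# lists "path|sha256" for each of them.
FILES = {
    "ports/security/example/Makefile": b"PORTNAME=example\nPORTVERSION=1.0\n",
    "ports/www/example/distinfo": b"SHA256 (example-1.0.tar.gz) = constructed\n",
}
INDEX = "".join(f"{p}|{sha256(d)}\n" for p, d in sorted(FILES.items())).encode()

# Trust anchor. portsnap carries this in a tag signed by the publisher's key;
# here we assume the client received the hash out of band (assumption).
TRUSTED_INDEX_HASH = sha256(INDEX)


def verify_snapshot(index: bytes, files: dict, trusted_index_hash: str) -> list:
    """End-to-end check: every byte served by the mirror must chain back to the
    trusted hash. Returns the paths that failed ("<index>" if the index itself
    did); an empty list means the snapshot is intact."""
    if sha256(index) != trusted_index_hash:
        return ["<index>"]          # mirror rewrote the index: reject everything
    expected = dict(line.split("|") for line in index.decode().splitlines())
    bad = [p for p in expected if p not in files or sha256(files[p]) != expected[p]]
    bad += [p for p in files if p not in expected]   # files the index never listed
    return sorted(bad)


def honest_mirror():
    return INDEX, dict(FILES)


def tampered_mirror():
    # Mirror swaps one file but leaves the index alone: the file hash mismatches.
    index, files = honest_mirror()
    files["ports/www/example/distinfo"] = b"SHA256 (example-1.0.tar.gz) = swapped\n"
    return index, files


def reindexed_tampered_mirror():
    # Mirror swaps the file AND regenerates a consistent index: the index hash
    # no longer matches the trusted anchor, so the whole snapshot is rejected.
    _, files = tampered_mirror()
    index = "".join(f"{p}|{sha256(d)}\n" for p, d in sorted(files.items())).encode()
    return index, files


if __name__ == "__main__":
    for name, mirror in (("honest", honest_mirror), ("tampered", tampered_mirror),
                         ("reindexed", reindexed_tampered_mirror)):
        failures = verify_snapshot(*mirror(), TRUSTED_INDEX_HASH)
        print(name, "OK" if not failures else f"REJECTED {failures}")
```

Without the trusted anchor (the `TRUSTED_INDEX_HASH` check), the reindexed case would pass, which is exactly the gap the quoted text describes for an unsigned mirror.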