On Fri, 15 Sep 2000, Bruce Dawson wrote:
> wu-ftpd has been compromised so often due to programming bugs and poor/old
> design that most people who care have lost count. Although most of the
> bugs have been promptly fixed (of late), there's likely more.
Indeed. I highly recommend using ProFTPd (or some *other* FTP daemon)
instead of wu-ftpd. ProFTPd is also pretty flexible, although the
documentation is a bit lacking in places.
> And an even better solution would be to use ssh to update the web pages.
> But this can be an sysadmin headache if the user community doesn't
> understand public key cryptography.
Even SSH with password authentication is better then clear text FTP, and it
is believed to be secure against most anything except a man-in-the-middle
attack.
--
Ben Scott <[EMAIL PROTECTED]>
Net Technologies, Inc. <http://www.ntisys.com>
Voice: (800)905-3049 x18 Fax: (978)499-7839
**********************************************************
To unsubscribe from this list, send mail to
[EMAIL PROTECTED] with the following text in the
*body* (*not* the subject line) of the letter:
unsubscribe gnhlug
**********************************************************
