Subject: RE:IPFilter and Passive FTP Servers
To: None <netbsd-users@netbsd.org>
From: Todd Gruhn <tgruhn2@mail.com>
List: netbsd-users
Date: 11/28/2002 21:48:32
I just did a ton of research on this, and went ahead
and installed WU-FTPD on DEBIAN LINUX. Lets just 
say it took a lot of time and thought.
Mostly because the scanner (SAINT) kept saying that
FTP could be hacked.

What I did was to get the latest copy of WU-FTP from 
debian.org and apply the latest patch kit. I then tracked
down a security doc on how to secure FTP and test WUFTP
by hacking the best known security holes. Once I got 
kicked out, or the security holes failed to respond as
expected (as a hole) was I satisfied. I am now satisfied
with my WU-FTP install on LINUX.

I would think if you followed a similar procedure,
you could also secure WU-FTP on NetBSD. Unfortunately,
I have no idea how many NetBSD programmers are securing
WU-FTP. NetBSD has 2 or 3 more ftp daemons to choose
from; and I believe that one has already been ported to
DEBIAN...
-- 
__________________________________________________________
Sign-up for your own FREE Personalized E-mail at Mail.com
http://www.mail.com/?sr=signup

One click access to the Top Search Engines
http://www.exactsearchbar.com/mailcom