Subject: RE:IPFilter and Passive FTP Servers
To: None <firstname.lastname@example.org>
From: Todd Gruhn <email@example.com>
Date: 11/28/2002 21:48:32
I just did a ton of research on this, and went ahead
and installed WU-FTPD on DEBIAN LINUX. Lets just
say it took a lot of time and thought.
Mostly because the scanner (SAINT) kept saying that
FTP could be hacked.
What I did was to get the latest copy of WU-FTP from
debian.org and apply the latest patch kit. I then tracked
down a security doc on how to secure FTP and test WUFTP
by hacking the best known security holes. Once I got
kicked out, or the security holes failed to respond as
expected (as a hole) was I satisfied. I am now satisfied
with my WU-FTP install on LINUX.
I would think if you followed a similar procedure,
you could also secure WU-FTP on NetBSD. Unfortunately,
I have no idea how many NetBSD programmers are securing
WU-FTP. NetBSD has 2 or 3 more ftp daemons to choose
from; and I believe that one has already been ported to
Sign-up for your own FREE Personalized E-mail at Mail.com
One click access to the Top Search Engines