Serv-u is only targeted when an exploit is discovered, just like any other product. They probably tend to come to light more often with serv-u because it is the hackers FTP server of choice. I think people tend to confuse the fact that serv-u gets hacked, because when servers get hacked and turned into warez servers, you will usually find a copy of serv-u installed. This does not mean serv-u got hacked, cozz the server may not have had serv-u instalel din the first, the hacker installed it himself afte rhe got access to your server.
But all said and and done, those fcats did put me off, and I moved to Gene6 FTP, which I personally think is a superior product, and that's after having used serv-u for several years as well as several other fTP servers. Russ -----Original Message----- From: Charlie Griefer [mailto:[EMAIL PROTECTED] Sent: 10 October 2005 19:13 To: CF-Talk Subject: Re: FTP Server On 10/10/05, Dave Watts <[EMAIL PROTECTED]> wrote: > There's a fundamental difference between "targeted by hackers" and > "used by hackers". The former is bad, the latter not so much. If > someone compromises your machine and chooses to install an FTP server, > his choice will be driven by many of the same factors as my own in choosing what FTP server to use. > What works best? Agreed on the difference, and maybe most of this debate has been semantic in nature. I was referring to "targeted by hackers". I apologize (to all involved) if I was not clear in that. > I use tools all the time that are "hacker tools", and I'm no hacker > (in the pejorative sense of the word, anyway). I use them because they > do what I need them to do, better than the alternatives. > > As for whether Serv-U allowed your machine to be hacked, are you sure > that was where the vulnerability was? Just because someone was using > your FTP server after your server was compromised, doesn't mean that > it was compromised through the FTP server. I did mention that I'm no system admin. I'd like to think I'm not terribly stupid, but I do recognize that I'm not a system admin and perhaps I left allowed some vulnerability to be exploited through my own lack of knowledge. However, as also mentioned, I've not had any similar issues with any FTP servers that I've used after this (nor did I have issues with any FTP servers that I had used prior). I do remember researching at that time and finding that Serv-U was targeted by hackers. I'm afraid that I'm going to have to ask you to take my word for that, as I don't find any similar condemning evidence today. Could be because (as Dan stated) current (and/or recent) versions have not had the vulnerabilities of older versions. But as [insert deity of your choice here] is my witness, back then search results were pretty conclusive in suggesting that the application was *targeted* by hackers. Given the availability of alternatives today (bulletproof (or whatever it's current name is), Filezilla, etc), I'm going to adhere to the "once bitten twice shy" rule. -- Charlie Griefer ================================================ "...All the world shall be your enemy, Prince with a Thousand Enemies, and whenever they catch you, they will kill you. But first they must catch you, digger, listener, runner, prince with a swift warning. Be cunning and full of tricks and your people shall never be destroyed." ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Logware (www.logware.us): a new and convenient web-based time tracking application. Start tracking and documenting hours spent on a project or with a client with Logware today. Try it for free with a 15 day trial account. http://www.houseoffusion.com/banners/view.cfm?bannerid=67 Message: http://www.houseoffusion.com/lists.cfm/link=i:4:220604 Archives: http://www.houseoffusion.com/cf_lists/threads.cfm/4 Subscription: http://www.houseoffusion.com/lists.cfm/link=s:4 Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4 Donations & Support: http://www.houseoffusion.com/tiny.cfm/54
