David Banning wrote:
Pardon the stupid question, but I'm assuming it's necessary that you run
ftpd? We block ftpd at the firewall to any machines outside the LAN.
Anyone who needs FTP access uses a client that's capable of using sftp
instead, and logs in with their SSH credentials.
I have discovered a vulnerability, that is new to me. Denyhosts
does not seem to notice FTP login attempts, so the cracker can
attempt to login via FTP, 1000's of times until he finds a
Hmm - interesting - I just -may- be able to disable using ftpd.
But I still pose the same question - what do ftp servers do on this?
Maybe -not- have ssh login? -or- maybe not have ssh login using the
I'm also interested; my version of the question is probably more like,
"is anyone in their right mind running ftpd over the WAN for anything
but an anonymous user"? 
Note that I'm _not_ trying to be critical. However, in the current
state of things , I don't see anything involving unencrypted
authentication as valid for WAN(Internet) operations.
 Granted, other strategies might work; firewalling and/or tcpwrappers
 An interesting read - "The Internet Sucks" -
Computers will not be perfected until they can compute how much more
than the estimate the job will cost.
email@example.com mailing list
To unsubscribe, send any mail to "[EMAIL PROTECTED]"