>From a security company... ----- Begin Included Message -----
>From [EMAIL PROTECTED] Sat Dec 1 02:22:36 2001 Date: Thu, 29 Nov 2001 10:13:26 -0300 From: Kurt Seifried <[EMAIL PROTECTED]> Subject: Re: [suse-security] proftpd disparaged To: Security <[EMAIL PROTECTED]> I did. Proftpd is nice to configure, but in serious, desperate need of a massive code audit, or a complete rewrite. It has had many many security bugs, the code is not very well written and it hasn't really been audited. I used to use it and then gave up when the security bugs started rolling through. If you think this is the last get root remotely via anonftp or a user account bug in wuftpd you are mistaken. VSFTPD is what I use, and from the 1.0.0 announcement apperently redhat uses it too (14,000 concurrent logins across their ftp pool or somesuch). RedHat doesn't ship it though, rpm's are just available last week from some guy. Why do vendors ship us crap they don't use? grumblegrumble. -Kurt -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] ----- End Included Message -----
