===Begin Forwarded Message=== FYI, there is a new FTP exploit hitting the streets that effects almost ALL ftp servers, regardless of server OS, or ftpd version. If you are a home user, not on the Cisco internal network (NAT'ed with a 10. number), then PLEASE be careful if you are running FTP services. This goes the same for Lab systems as well, or any systems outside our corporate firewall's protection NAI advisory: http://packetstorm.securify.com/advisories/nai/nai.00-ftp.glob Check out the advisory for more detailed information. Also be warned that the advisory only lists effected systems that they have tested, so the list is most likely a lot longer. Right now there are NO patches out, so your best bet would be to disable FTP, and only turn it on when needed, or to use your hosts.allow and hosts.deny list to control access to ftp. ===End forwarded message=== Looks like an interesting one, boys and girls. Time to kill in.ftpd, maybe! DaZZa -- SLUG - Sydney Linux User Group Mailing List - http://slug.org.au/ More Info: http://slug.org.au/lists/listinfo/slug
