what to do when you've been rooted

Rick Moen rick at linuxmafia.com
Mon Jan 22 11:50:05 PST 2001


begin Kevin Jamieson quotation:

> I'm sure most of the people here will likely say 'scp' in place of
> ftping files from a machine - but, if this is a user box ftp is most
> likely expected.

"Expected" by people who don't have to deal with the resulting breakins,
when users' ftp passwords get sniffed and the machine gets cracked
again.  There are ways to mitigate the security impact of non-anonymous
ftp, but first sysadmins needs to drop this attitude of "We'll stay
vulnerable to accomodate users' refusal to leave the '80s."  Please see
.signature block.

> I think Proftpd was mentioned before as an alternate to wu.

Complete list of alternatives:
http://linuxmafia.com/pub/linux/security/ftp-daemons

-- 
Cheers,                                      "Reality is not optional."
Rick Moen                                             -- Thomas Sowell
rick at linuxmafia.com



More information about the talk mailing list