[linux-sec-uk] Secure FTP

Mark linux-sec-uk at mailman.lug.org.uk
Tue Aug 19 10:44:01 2003


--=-ZUvkVKLFreoGQPlVEtlK
Content-Type: text/plain
Content-Transfer-Encoding: quoted-printable

On Tue, 2003-08-19 at 10:31, Daniel wrote:
> On Tue, 19 Aug 2003, Alex Hudson wrote:
> > I have used qmail in the past, although I try not to any more due to it=
's
> > non-freeness. I dislike its configuration system, but it is nice and
> > simple. Postfix is something I need to learn more about though, since i=
t's
> > what I'm considering using at work (well, Kolab to be specific).
>=20
> qmail is good as far as i've seen..the only real security problems come
> when you start adding mods to it. eg the bouce message overflow..
> saying that i belive most mail daemons do have there own flaws, some wors=
e
> than other.

Most software has holes, I always feel it's a case of the lesser of the
evils. Almost everything in an infrastructure has a security flaw of one
description or another, if you cant find one in the software, look at
the staff, it's a case of just how feasible it is for it to be abused.


> Point taken..although i havent really seen anything that makes me feel
> safe using sendmail, exim, postfix etc.. so i've just stuck to qmail with
> only a few mods (qmail-scanner, daemon tools, spam-assassin and
> A.V)..never seem to have had a problem with that setup what so ever..
> Saying that I did like it when I was usng sendmail ;) aslong as it was al=
l
> patched anyway muhahaha...

I use sendmail, very happily, but then the reason I feel safe using it
is because of the kernel modifications that are done to the host system,
not convinced I would use it if the box was a default install..(then
again, does anyone roll out default installs anywhere?)


--=20
                          Mark
                   www.wwjh.net/~mark
 "If you know yourself, knowing the enemy does not matter."


--=-ZUvkVKLFreoGQPlVEtlK
Content-Type: application/pgp-signature; name=signature.asc
Content-Description: This is a digitally signed message part

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)

iD8DBQA/QfDekW8rr2DByCIRAvm5AKCqsUsOkL/Pb3oLRm6Td1f1qhmtBQCeI0dZ
qxzjt71im8ruliShQNNgEQA=
=mMRx
-----END PGP SIGNATURE-----

--=-ZUvkVKLFreoGQPlVEtlK--