Berkeley CSUA MOTD:Entry 17312
Berkeley CSUA MOTD
 
WIKI | FAQ | Tech FAQ
http://csua.com/feed/
2025/05/24 [General] UID:1000 Activity:popular
5/24    

2000/1/24-25 [Computer/SW/Unix] UID:17312 Activity:high
1/25    Hi I am relatively new to Unix and I am running Red Hat 6.1
        I would like to be able for others to ftp to my machine and don't
        know how to get started.  Is there an ftp server program out there?
        \_ Install wu-ftpd package which is part of distribution, then
           make sure that ftp entry in /etc/inetd.conf is not commented out.
           Also install anonftp package if you want to run anonymous ftp
           server and don't want/know how to set it up by hand.
        \_ Think about installing ncftpd, since wu-ftpd has a few known
           security holes in it (ncftpd is free if you're on .edu).  -John
           \_ If you are running a reasonably up-to-date version of
                wu-ftpd (eg. the one in distribution + patches if any)
                there shouldn't be any security concerns.
                \_ wuftpd's recent history of security holes should say
                   say something about its general tendencies. Who knows
                   how many are still not discovered?
                \_ Triple ditto what the above said about wu-ftpd's security
                   history.  You could have said the same thing 3+ years ago
                   and still been wrong.  I'd never run wu-ftpd.  There's no
                   reason to.  It's like the "microsoft" of ftpd's.  Please
                   slap self with box of noodles and post your wu-ftpd box's
                   IP address.
        \_ As a frequent Apache admin, I like proftpd.  It hasn't had a
           terribly bad history, security-wise, and the configuration looks
           a lot like httpd.conf.
        \_ Two things to keep in mind:
           1) if this is anonymous ftp and you are behind a real domain name,
              and you have a public upload area, you will get used for warez
              whether you like it or not, and 100% of your upstream pipe
              will _disappear_
           2) if it isn't anonymous ftp (i.e. you're letting users log in),
              then you should reallly have them set up s/key like on soda so
              they aren't typing cleartext login passwords over the public
              internet, and getting you hacked in short order (particularly
              if they're coming in from "dirty" net, like a university)
                \_ if it's anonymous FTP, you should be using HTTP instead.
                   if it's non-anonymous FTP, you should be using SCP.  -tom
                   \_ You have any idea how hard it is to get a partner corp
                      to use ssh of any sort for anything?  Getting them to
                      figure out ftp is hard enough.  And no, don't tell me I
                      need new partner corps.  I don't need to RIDE BIKE.
                      \_ You need new partner corps.  You need to RIDE BIKE.
                        \_ Thanks for the tip.
2025/05/24 [General] UID:1000 Activity:popular
5/24    

You may also be interested in these entries...
2013/10/24-2014/2/5 [Academia/Berkeley/CSUA/Motd, Computer/SW] UID:54746 Activity:nil
9/26    I remember there was web version of the motd with search function
        (originally due to kchang ?).  The last time I used it it was hosted
        on the csua website but I can't remember its url (onset of dementia?)
        now. Can somebody plz post it, tnx.
        \_ http://csua.com
           \_ for some reason I couldn't log in since Sept and the archiver
	...
2013/10/28-2014/2/5 [Computer/SW/Database] UID:54751 Activity:nil
10/28   Oracle software to blame for Obamacare website debacles:
        http://www.forbes.com/sites/theapothecary/2013/10/14/obamacares-website-is-crashing-because-it-doesnt-want-you-to-know-health-plans-true-costs
        \_ Larry Ellison is a secret Tea Party supporter.
           Most of this article is bunk, btw. Boy are the Republicans
           getting desperate.
            \_ Umm, no.  Larry Ellison is a not so secret fascist.
	...
2013/12/13-2014/2/5 [Computer/SW/Languages/Web] UID:54757 Activity:nil
12/17   http://axonflux.com/5-quotes-by-the-creator-of-php-rasmus-lerdorf
        Why I love PHP.
12/17
 _________________________________________
/ You will pay for your sins. If you have \
| already paid, please disregard this     |
	...