Dailydave mailing list archives
Re: FTPD! :>
From: Florian Weimer <fw () deneb enyo de>
Date: Wed, 02 Sep 2009 18:06:29 +0000
1. Why is CERT recommending removing anonymous write access. This is something that is pretty rare, I imagine?
I'm sure it's still used for sending in crash dumps and similar stuff.
Aren't all the boxes "anonymously" vulnerable to this already used as warez servers since they have remote writable access turned on?
Only if read access is enabled, too. And it might even be relatively safe again to run an open FTP server. There seems to be little systematic probing to find suitable upload locations deeper down the directory tree. _______________________________________________ Dailydave mailing list Dailydave () lists immunitysec com http://lists.immunitysec.com/mailman/listinfo/dailydave
Current thread:
- FTPD! :> dave (Sep 01)
- Re: FTPD! :> Florian Weimer (Sep 02)
- Re: FTPD! :> Shane Macaulay (Sep 07)
- Re: FTPD! :> Florian Weimer (Sep 02)