Home page logo
/

basics logo Security Basics mailing list archives

Re: Secure FTP Server Search
From: IDS Guy <ids_guy () yahoo com>
Date: Sun, 17 Nov 2002 00:06:40 -0800 (PST)

You can have a look at CERT's site for information
about these FTP commands.

E.g.; for PORT command, please see the following
links...

http://www.cert.org/advisories/CA-1997-27.html
http://www.cert.org/tech_tips/ftp_port_attacks.html



--- Charley Hamilton <chamilto () uci edu> wrote:
I've used sshd under cygwin on win2k for academic
access purposes.
Never dealt with it for general (i.e. varied trust
level) sftp
access.  Don't know enough to comment on whether it
meets your
requirement

not to have some vulnerabilities related with FTP
commands such as FTP PORT / SITE / NLIST

If someone who is more clueful wouldn't mind
enlightening me,
I'd be interested to know, though....

Charley

-- 
Charles Hamilton, PhD EIT               Faculty
Fellow
Department of Civil and                 Phone:
949.824.3752
     Environmental Engineering           FAX:  
949.824.2117
University of California, Irvine        Email:
chamilto () uci edu




__________________________________________________
Do you Yahoo!?
Yahoo! Web Hosting - Let the expert host your site
http://webhosting.yahoo.com


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault