RE: ftp server windows
IIS has a simple and not particularly secure firewall. It is a hell of
a lot better but it is definitely not up there for security
Vs-ftp is considered good if patches (like everything)
IIS FTP has had numerous vulnerabilities, especially in the past - the
default proxy forwarding was a good one
CSW
—–Original Message—–
From: Roger A. Grimes [mailto:roger@banneretcs.com]
Sent: 23 July 2005 2:54
To: Leon; security-basics@securityfocus.com
Subject: RE: ftp server windows
IIS’s FTP is an excellent, secure FTP server. I don’t know of any
exploits against it ever other than one obscure client-side
cross-scripting type of attack that was never publicly exploited.
I’ve been running it for years and never a single problem.
Roger
************************************************************************
***
*Roger A. Grimes, Banneret Computer Security, Computer Security
Consultant *CPA, CISSP, MCSE: Security (NT/2000/2003/MVP), CNE (3/4),
CEH, CHFI
*email: roger@banneretcs.com
*cell: 757-615-3355
*Author of Malicious Mobile Code: Virus Protection for Windows by
O’Reilly *http://www.oreilly.com/catalog/malmobcode
*Author of Honeypots for Windows (Apress)
*http://www.apress.com/book/bookDisplay.html?bID=281
************************************************************************
****
—–Original Message—–
From: Leon [mailto:roastin@yahoo.com]
Sent: Thursday, July 21, 2005 8:19 PM
To: security-basics@securityfocus.com
Subject: ftp server windows
Does anyone know of a good ftp sever for windows with a good security
track record. WS_FTP is out because of the last vuln where not only did
they not address the issue when it was posted on bugtraq but it took
them close to 3 weeks to come up with a patch.
I have been told about serv-u and bulletproof. Are there any others
that I should be aware of (with a good history any can google ftp server
windows).
Thanks
____________________________________________________
Start your day with Yahoo! - make it your home page
http://www.yahoo.com/r/hs