Re: Linuxtag

From: Joerg Jaspert (
Date: Sun Apr 28 2002 - 01:50:14 CEST

Russell Coker <> writes:

>> Ok, then we have one ftp Server. :)
>> Do you have an SE Enhanced FTP Server ? :)
> I have a policy for ftp servers that is quite restrictive. We could
> intentionally install an old FTP server with a security hole if you
>> like. ;)

Och. No. :)
install muddleftpd :)

> Someone who breaks it will only be able to run "ls" and can't write to any
> file. The only raised priviledge level of the FTP server is the ability to
> log to syslog.

Hmm, muddleftpd is out then. It has its own logging :)

> One of my future plans is to write some sample exploitable programs and
> exploit programs for them, then I can demonstrate how such programs allow
> root exploits on unprotected systems but don't allow anything on SE systems.

Hmm, sounds nice.
This Linuxtag has a very good site: I get a full configured Debian SE
System. (And i kill you if you rm -rf / that on 9. Juni ! ) :))

begin  OjE-ist-scheisse.txt
bye, Joerg
Registered Linux User #97793 @

-- To UNSUBSCRIBE, email to with a subject of "unsubscribe". Trouble? Contact

This archive was generated by hypermail 2.1.3 : Sun Apr 28 2002 - 01:50:40 CEST