what to do when you've been rooted

[Rick Moen]

begin Kevin Jamieson quotation:

> I'm sure most of the people here will likely say 'scp' in place of
> ftping files from a machine - but, if this is a user box ftp is most
> likely expected.

"Expected" by people who don't have to deal with the resulting breakins,
when users' ftp passwords get sniffed and the machine gets cracked
again.  There are ways to mitigate the security impact of non-anonymous
ftp, but first sysadmins needs to drop this attitude of "We'll stay
vulnerable to accomodate users' refusal to leave the '80s."  Please see
.signature block.

> I think Proftpd was mentioned before as an alternate to wu.

Complete list of alternatives:
http://linuxmafia.com/pub/linux/security/ftp-daemons

-- 
Cheers,                                      "Reality is not optional."
Rick Moen                                             -- Thomas Sowell
rick at linuxmafia.com