Date: Mon, 10 Dec 2001 19:59:21 -0800 From: Kris Kennaway <kris@obsecurity.org> To: Rik <freebsd-security@rikrose.net> Cc: freebsd-security@freebsd.org Subject: Re: Why is web mode (-w) disabled in ntop port? Message-ID: <20011210195921.A51790@xor.obsecurity.org> In-Reply-To: <20011211022743.A29482@spoon.pkl.net>; from freebsd-security@rikrose.net on Tue, Dec 11, 2001 at 02:27:43AM %2B0000 References: <20011211022743.A29482@spoon.pkl.net>
next in thread | previous in thread | raw e-mail | index | archive | help
--d6Gm4EdcadzBjdND Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Tue, Dec 11, 2001 at 02:27:43AM +0000, Rik wrote: > Hi all, >=20 > I saw ntop in action at BSDCon Europe, and I have decided to try it out > for myself. I primarily wanted to tinker with the web interface, only to > find that it has been unconditionally disabled with a patch applied by > the ports tree. >=20 > I was wondering: Why? IT simply says it was disabled "for security > reasons". Does it hae some kind of dire security problem which hasn't > yet been resolved, except by disabling the feature? Yes. > And can someone tell be whether it was better ettiquette to ask the list > rather than the port maintainer directly? It's better ettiquette to do the research yourself before asking; 10 seconds of looking through the list of FreeBSD Security Advisories at http://www.freebsd.org/security shows you this: ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00:36.ntop.asc Kris --d6Gm4EdcadzBjdND Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (FreeBSD) Comment: For info see http://www.gnupg.org iD8DBQE8FYR6Wry0BWjoQKURApzzAJ0dNkiAMTpfaWs29kRQJr0mJnH3igCePb6G 7rmd3nSzV53yPmoAKtaJmN8= =Jnb7 -----END PGP SIGNATURE----- --d6Gm4EdcadzBjdND-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20011210195921.A51790>