I just discovered (out of curiosity) some rather bizzare behavior out of ftp that could at a minimum end up serve to create an ugly denial of service attack... Basicly, I was curious to see what the hell would happen if I telneted to the ftp port & mucked around with the connection. Found some intresting things too. First thing I found out is that I could sit there and make my connection display bizzare stuff, as the ftpd displays command state stuff even before it does anything with user or pass, and does stuff with chuid & (potentialy) with chroot. This sort of thing is possible: root 497 0.0 1.6 1.62M 328K ? S 0:00 -fusion: connected: `fuckin strange` (ftpd) It'll display command names etc. etc. But, it get's better... I logged in, by using "user" & "pass" with non-breaking spaces to feed the right stuff to the daemon, breaking spaces are interpreted as separate lines, so you get "user not understood" junk if you don't use them. After that the intresting stuff started... I found naturaly I couldn't do a "list" because it couldn't form a data connection, normal enough there... Then I set PASV mode, and it got intresting. Once I did that, I tried to do a "list" and things just sort of hung... So, I escaped from my telnet, killed the connection & figured "hmm oh well, that was non-substantive". This is when I got a surprise though... I then ran a ps, and came up with this: tfs 497 0.0 1.9 1.55M 392K ? S 0:00 -fusion: tfs: list (ftpd) tfs 575 0.0 0.9 800K 184K ? S 0:00 /bin/ls -lgA on: tfs: list They seem to linger at least as long as it takes for the tcp connection to close off... That can take a while... Obviously, it'd be damn easy to script out something to take advantage of this behavior & rapidly spawn 80 bazzilion processes that'd just hang there. Not only that, but you'd get 2 for the price of 1 to boot. This is bizzare enough to where I'm rather glad I have ftp wrapped. In reality, it doesn't seem like a huge problem, but on the other hand, it seems to be enough of a a potential problem to set me wondering if any other bizzare stuff is lurking in ftpd. Tim