Received: with ECARTIS (v1.0.0; list gopher); Mon, 11 Jul 2005 18:04:22 -0500 (CDT) Received: from [192.94.73.30] (helo=sdf.lonestar.org ident=root) by glockenspiel.complete.org with esmtp (Exim 4.50) id 1Ds7K0-0000IS-OW for gopher@complete.org; Mon, 11 Jul 2005 18:04:22 -0500 Received: from sdf.lonestar.org (IDENT:beaker@norge.freeshell.org [192.94.73.3]) by sdf.lonestar.org (8.13.1/8.12.10) with ESMTP id j6BN4920005491 for ; Mon, 11 Jul 2005 23:04:09 GMT Received: (from beaker@localhost) by sdf.lonestar.org (8.13.1/8.12.8/Submit) id j6BN48ve004058 for gopher@complete.org; Mon, 11 Jul 2005 16:04:08 -0700 (EDT) Date: Mon, 11 Jul 2005 16:04:08 -0700 From: =?iso-8859-1?Q?Jeff=5FW?= To: gopher@complete.org Subject: [gopher] Re: which gopherd to use and other info Message-ID: <42d2fae8.SKURzH9KHeYxpHog%beaker@freeshell.org> References: <42D2E0EF.9020407@route-add.net> In-Reply-To: <42D2E0EF.9020407@route-add.net> User-Agent: nail 11.17 11/18/04 MIME-Version: 1.0 Content-type: text/plain; charset=us-ascii Content-Transfer-Encoding: 8bit X-Spam-Status: No (score 0.2): FORGED_RCVD_HELO=0.05, NO_REAL_NAME=0.178 X-Virus-Scanned: by Exiscan on glockenspiel.complete.org at Mon, 11 Jul 2005 18:04:22 -0500 X-archive-position: 1059 X-ecartis-version: Ecartis v1.0.0 Sender: gopher-bounce@complete.org Errors-to: gopher-bounce@complete.org X-original-sender: beaker@freeshell.org Precedence: bulk Reply-to: gopher@complete.org List-help: List-unsubscribe: List-software: Ecartis version 1.0.0 List-Id: Gopher X-List-ID: Gopher List-subscribe: List-owner: List-post: List-archive: X-list: gopher Alessandro Selli wrote: > sovietassassin@gmail.com wrote: > > im looking to get into gophering and would like to setup my own > > gopherd. the two main gopherd's ive found are pygopherd and the umn > > gopherd and im currently running the umn gopherd. > > Please read this piece of warning concerning UMN gopherd: > > Gopherd is no longer maintained. Security holes were being found in it > on a regular basis, and nobody really had the inclination to give it a > thorough security audit given the fact that more advanced Gopher servers > existed. Therefore, I would strongly urge you *NOT* to deploy UMN Gopherd. It's true that the old UMN Gopher server as-is is potentially a security issue. That said, there _are_ patches out there that address some of the known vulnerabilities, and you can run it chrooted to reduce your exposure. It'll run fairly well on really old hardware that has few other uses - I've got mine on a 20MHz Sparc. SDF, a public access unix system, has been running the UMN Gopher for two or more years without incident - at least none that I'm aware of; YMMV... :) Cheers, Jeff Ref: SiMpLe MaChInEs - gopher://beaker.mdns.org SDF/Freeshell - gopher://freeshell.org