Existing users, 
Within hours of installing this program, my Mac was hit with a hacking attempt. Let me outline why I see the two being related and let the user decide.
1) Installed PureFTPd Manager
2) Little Snitch caught it phoning home to 82.224.8.137, which is on proxad.net. I let it go .... bad me.
3) Within hours, I get hit with a hacking attempt on port 22 from ... proxad.net (212.27.40.200). Attempting login with Usernames such as ... anonymous, darkman, chuck, science, die and many more.
4) You decide, but it looks like somebody associated with this program is taking the address it get with the phone home routine and attacks back.
User beware!
Version:
Beware of this program.
Feedback Type: Commentary
Contributed by: priller01 Tuesday, March 08 2005 @ 06:33 AM PST
Product Platform: MacOSX
Used Product For: Less than a month
Recommend Product: NO
Comments
Re: Beware of the above post. - ammacdon
dear paul_robinson1,physical location has ABSOLUTELY nothing to do with the ability, wherewithal, or motive for this particular or any potential hack. original poster's concerns are quite valid.
Wednesday, January 18 2006 @ 10:24 AM PST
Beware of this program. - bburn
OK so I ran Little Snitch when I started PureFTP and here is what I got after I started it up (app was already installed):PureFTPd Manager wants to connect to perso200-g.free.fr on TCP port 80 (http)
So what's that all about? Why is PureFTP trying to call home to this domain in France, and if it did, what is it telling them? Should we be concerned?
Wednesday, March 30 2005 @ 05:29 AM PST
Beware of this program. - bburn
ummm...now that i think about it, the app is probably just calling home for a version check, and version checking is an option with PureFTPd...sorry about that.Wednesday, March 30 2005 @ 05:37 AM PST
Version checking. - IIR
I don't use this GUI program - well, not since it nuked my settings several times across several versions - it is quite poor on maintaining current configurations.I use the command line to configure pureftpd and compile it from source. The pureftpd daemon *does not* phone home. For those seeing the connection from this program, make sure of what you are observing. If it is 'PureFTPd Manager' phoning home, then it's a version check. If it is the pureftpd daemon phoning home, then yes there is something that shouldn't be there.
Saturday, May 14 2005 @ 07:17 AM PDT
Beware of this comment. - anothersphere
Given an FTP server with a standard port which is visible on the web is likely to be probed within minutes of installation this occurance is not necessarily as dire as the comment suggests. Probably pure coincidence. If something dark was afoot the phone home would ship your user id and passwords and the 'hacker' would be redistributing your I shot myself dot com photos faster than you can say saddo!Thursday, June 23 2005 @ 03:50 PM PDT
Beware of the above post. - paul_robinson1
The IP numbers in the above post make no sense. They may have been switched - would that be to make things more dramatic? If not, this poster should at least have checked his/her basic facts first.A tiny little bit of research would have shown that one IP is in Paris, and the other in Garonne. About as far part as you can get and still be in France. Both IPs are from proxad.net - one of biggest ISPs in France.
So this poster's tale is the equivalent of concluding that some developer in New York is responsible for a hacking attempt from Boston because they both use Wanadoo.
Reply to This
Wednesday, March 09 2005 @ 02:38 AM PST