[Zope] - ZServer

[Jim Fulton]

Michel Pelletier wrote:
> 
> I noticed that when you FTP into ZServer it doesn't matter
> what userid or password you use, it allways says 'Login Successful'.
> Of course, your not authorized to see anything but your still
> logged in and there is still an open Medusa channel.  Couldn't this
> be a hole into a possible Denial of Service attack?

How is this different from anonymous FTP?
How do other servers limit denial of service attacks 
on anonymous FTP?  

Note that a medusa connection does not consume many 
resources and doesn't tie up the application
in any way.

Jim