using debian 3.1, setup accordingly to the eprfect debian setup and using ispconfig.
I got a report from tiger :
# Checking listening processes
NEW: --WARN-- [lin003w] The process `proftpd' is listening on socket 40492 (TCP on
220.127.116.11 interface) is run by web19_tibi.
now my question is how can a user with shell access (web19_tibi) be the owner of the listening proftpd deamon?
Or is this a normal behaviour?