[EMAIL PROTECTED] <> wrote on Wednesday, March 31, 2004 11:35 AM: > Sniffing on the LAN isn't my main concern, it's the > concentration points > inbetween A and B. Good idea on the SSL wrapper on Telnet, > although the > original poster said they doesn't want to offer shell access. I'm > not quite sure the security community's concensus would agree that FTP > is better than > SCP/SFTP. I certainly don't, but I've already made that > point. So that > leaves us with flaws in implementation *and* plaintext > usernames/passwords. That doesn't give me warm fuzzies.
Could I interrupt this rather unenlightening exchange for just a moment to point out that you can have your cake _and_ secure it? There's a good couple of dozen implementations of the draft standard for FTP over SSL / TLS listed at http://www.ford-hutchinson.com/~fh-1-pfh/ftps-ext.html, not to mention any of a number of other FTP schemes that avoid passing usernames and passwords around in plaintext (S/Key, SASL, etc). You can have the comfort of FTP, the protocol you've come to love, at the same time as using a secure communications protocol that has become trusted by millions (although, with the number of "didn't read the instructions" mistakes made by some of the implementations, goodness only knows why). Okay, if I go on with this much longer, it'll turn into an advert, so I'll leave it at that. Alun. ~~~~ -- Texas Imperial Software | Find us at http://www.wftpd.com or email 1602 Harvest Moon Place | [EMAIL PROTECTED] Cedar Park TX 78613-1419 | WFTPD, WFTPD Pro are Windows FTP servers. Fax/Voice +1(512)258-9858 | Try our NEW client software, WFTPD Explorer.
