Hello.

2012/07/12 14:44:48 -0400 Lowell Gilbert 
<freebsd-questions-lo...@be-well.ilk.org> => To Peter Vereshagin :
LG> Peter Vereshagin <pe...@vereshagin.org> writes:
LG> 
LG> > 2012/07/12 13:19:56 -0400 Lowell Gilbert 
<freebsd-questions-lo...@be-well.ilk.org> => To Kaya Saman :
LG> > LG> URLs as well as FTP. For ones that aren't, (and assuming the rather
LG> > LG> silly security policies won't allow for an external web-based FTP 
proxy)
LG> > LG> you may need to bring them in by offline media.
LG> >
LG> > I believe there should be the way of using the passive ftp (and any other
LG> > protocol) via the HTTP CONNECT method to the ftp (or any other port 
needed for
LG> > other protocol/app) port and then handling the both control and data
LG> > connections through the consequent copmmands and data exhange.
LG> 
LG> You've just described an FTP proxy. That's already been ruled out.

But I thought the squid-like http proxy while serving the FTP URLs is what the
ftp proxy is? It's a different matter at least because it's a nothing about
HTTP's CONNECT method.

Can you point me to a definition of 'ftp proxy' please? Wikipedia and Google
have nothing on this.

What I described is mentioned as 'http tunneling' in delegate's docs and isn't
specific for ftp at all.

LG> > Most surprise for me is why no one is interested about what kind of a 
danger
LG> > the ftp protocol can ever be? i. e. skype is much more vicious in 
comparison to
LG> > ftp and s much harder to be restricted by a packet filter if even 
possoible.
LG> 
LG> Unfortunately, it's common. Often it's a reaction to the idea that FTP
LG> is an insecure protocol -- which is true, in a sense, because
LG> authentication information is passed in the clear, but irrelevant to
LG> anonymous use. This is silly, yes, but it's fairly popular among the
LG> types of "IT" people who think that NAT is a security service. Or
LG> possibly Nothing But HTTP is allowed through the firewall (which is, at
LG> least, a rational response to not knowing much about TCP/IP).

Management is always the same on both sides of Earth, right.

--
Peter Vereshagin <pe...@vereshagin.org> (http://vereshagin.org) pgp: A0E26627 
_______________________________________________
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Reply via email to