> > Would it be safe to have a FTP site containing sensitive data > > set up on the same machine we use for our web site? What do you think? > > Severl of the security flaws that have been found in IIS > are of the type that allow the attacker to gain access > to the contents of any file on the system, even if it's > not within the website.
In addition, the ftp protocol is itself insecure. If your data is sensitive, ftp is not the way you want to be distributing it. If you only need to support downloads, then perhaps a password protected SSL web site with directory indexing might work for you... -- Alex Howansky Wankwood Associates http://www.wankwood.com/ --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] To subscribe to the digest version first unsubscribe, then e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
