On Wed, Dec 6, 2017 at 8:06 AM, Elardus Engelbrecht < [email protected]> wrote:
> W Mainframe wrote: > > >Come on.....For years FTP works.... Now... > > Yes, it is working good, but for security reasons, you need to use > ____something else___ so unauthorized transfers can not take place and your > data is not exposed somewhere. > > > >Every OS needs to upgrade for SFTP? > > Of course. Unless you are in a system setup where source and destination > machines are locked up properly inside a [closed/fire-walled] network. > > Oh, that is not good enough. Say, you transfer something from a secure / > locked up system to a [unprotected] PC. Now some person inserts a USB stick > into it and steal your data after that transfer. > > > >Only now, this protocol is unsure???? > > What protocol is 'unsure'? FTP? SFTP? or FTPS? > I think he meant "insecure" instead of "unsure". But should have said "vulnerable". FTP is "clear text" and so insecure. FTPS is supposed "secure" because it uses TLS (was SSL). But TLS has vulnerabilities under some conditions ( https://www.gracefulsecurity.com/tls-ssl-vulnerabilities/). SFTP is secure because it uses the SSH encryption protocol. But that has vulnerabilities too. https://www.cvedetails.com/vulnerability-list/vendor_id-120/product_id-317/SSH-Ssh2.html > > Rather, please post what you are needing to resolve your problem. > > Of course, secure transfers come with a price, time, setup and testing. > > Groete / Greetings > Elardus Engelbrecht > > ---------------------------------------------------------------------- > For IBM-MAIN subscribe / signoff / archive access instructions, > send email to [email protected] with the message: INFO IBM-MAIN > -- I have a theory that it's impossible to prove anything, but I can't prove it. Maranatha! <>< John McKown ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO IBM-MAIN
