On Fri, 2003-06-27 at 12:51, Alan Cox wrote: > > Use sf/UFT with IP-based filtering. At least then you're not passing > > cleartext passwords everywhere. > > Its still very insecure in most networks, you are now dependant upon > your entire network area between the client and server box being secure, > meaning every box that is directly on that network (including notionally > seperated by switches) > > Cleartext is bad, it only takes one windows trojan with a password > sniffer
Well, yes, but at least with sf/UFT, although you do have what Rick Troth referred to as a "remote disk-filling service" (hence my recommendation to only allow it from particular hosts), no one has to put passwords in anything, so although the content is insecure, you're not further compromising your authentication system. Adam
