On Tue, 01 Jul 2003, Chris Berry wrote:

> >I think you should also include FTP and NFS in
> >your list.
> 
> FTP I'm researching, I've heard that some FTP servers are exploitable.  
> What's wrong with NFS?
> 

ftp like telnet transmits passwords in the clear.

So it is no way to maintain a website, exchange private files or
similar.  scp, or rsync over ssh, would be much more reasonable for
this application IMHO.  I think the ftp protocol should be on the list.

anonymous ftp (for download only) does not have this problem.

Some ftp daemons have had frequent vulnerabilities but I don't have a
strong opinion about that.

David


---------------------------------------------------------------------------
Evaluating SSL VPNs' Consider NEOTERIS, chosen as leader by top analysts!
The Gartner Group just put Neoteris in the top of its Magic Quadrant,
while InStat has confirmed Neoteris as the leader in marketshare.
     
Find out why, and see how you can get plug-n-play secure remote access in
about an hour, with no client, server changes, or ongoing maintenance.
          
Visit us at: http://www.neoteris.com/promos/sf-6-9.htm
----------------------------------------------------------------------------

Reply via email to