On Sun, 18 Nov 2007 14:30:05 -0800 (PST) Colin Sharpe wrote: > > --- Frank Cox <[EMAIL PROTECTED]> wrote: > > > The "se3curity" is always important. If you're > > uploading files for all the world to see and someone > > > else gets your passwords, then he can also upload > > files for all the world to see. Viruses, phishing > > sites, warez distribution points, you-name-it. > > > > Start worrying. Please. > > It depends on what you're getting or putting with ftp. > In a lot of cases, such as most free software, the > file is available to everyone in the world by > anonymous ftp, requiring no password or user ID. When > dealing with open source over anonymous ftp, security, > or even se3curity, is not an issue.
Yes it is! This is not about anonymous FTP. Name any site you can download their index.php file by anonymous FTP. Your login password and username are sent as plain text when using FTP to upload files to your site. If harvested then your website can be defaced, or used as a repository for nasty cross site scripting, viruses etc. -- Michael All shall be well, and all shall be well, and all manner of things shall be well - Julian of Norwich 1342 - 1416 --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
