RE: [WS_FTP Forum] Secure FTP

[Ed Cayce]

Title: Message

We use SSL over FTP.  We set ours up without a certificate purchased from a cert authority, and just used the default one installed.  Users get a warning the first time that the cert is not verifiable but we don’t really care – it’s for internal use.  We have been using the WS_FTP Pro client for it.    On the firewall issue – we have a firewall that blocks most ports.  In the FTP server there is an option in Firewall Settings for a range of ports to use for secure FTP – we set a range and have the firewall allow the ports in that range.  Our firewall does not do NAT since this is a server at a colo facility, but I think NAT will work OK.  Only the data gets encrypted, not the TCP headers etc.  Otherwise the TCP/IP stack wouldn’t know what to do with it…   The first time I set up SSL FTP on WS_FTP Server it did not work at all and I spent a lot of time on it.  I finally uninstalled and reinstalled and it worked fine.  No idea why…   Ed     Edgar E. Cayce III Chief Technology Officer MedTek [EMAIL PROTECTED] 818-788-8700 x15 ofc 310-923-2679 cell 818-788-8730 fax   From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of David Mohorn Sent: Friday, April 23, 2004 2:40 PM To: [EMAIL PROTECTED] Subject: RE: [WS_FTP Forum] Secure FTP   Well, can you give me more information on how it works and how to set it up.  I have the book, but it doesn't really give me much case study examples.   I currently have mine set for standard FTP.   I would like clients to login and send files securely.   Do I need to purchase a certificate for this?  If so, are they using SSH or SSL or what?  If both, which is better?   Our Firewall uses NAT and I assume it's changing the ports in the payload.  If the session is encrypted, it won't be able to change the ports.  Do I setup a range of ports for SFTP or what?   What other clients other than WSFTP_Pro allow for secure transmission -- assuming I go SSH or SSL?   Until I can get this working... I simply have clients sending files using AES WinZip 9 compresision and turned off listing capabilities.     -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Ed Cayce Sent: Friday, April 23, 2004 4:34 PM To: [EMAIL PROTECTED] Subject: RE: [WS_FTP Forum] Secure FTP I use it… What’s up?     Edgar E. Cayce III Chief Technology Officer MedTek [EMAIL PROTECTED] 818-788-8700 x15 ofc 310-923-2679 cell 818-788-8730 fax   From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of David Mohorn Sent: Friday, April 23, 2004 2:21 PM To: [EMAIL PROTECTED] Subject: [WS_FTP Forum] Secure FTP   Is there anyone out there that uses secure FTP?