Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: mapping FTP site as local drive
Special Forums Windows & DOS: Issues & Discussions mapping FTP site as local drive Post 30667 by cerberusofhate on Friday 25th of October 2002 12:54:26 AM
Old 10-25-2002
Quote:
Originally posted by LivinFree
smbd/nmbd take, from experience, very little resource on the machine.

And "0-day" exploits is a weak excuse not to use specific software - that type of threat can affect any piece of software ever created... If you're so worried about 0-day security holes, don't let strangers on your damn network!

Search for ftp exploits, then for Samba-specific exploits - see which you find more of... Cripes, wu-ftpd is the cause of half of them, but nearly all implementations have had problems at one point of another.
First of all, I would never use wu-ftpd, only half-witted morons use that daemon, I use Pro-FTPD. Secondly, like I said this is a high risk network, but the information being copied to the FTP server and forth is encrypted (encrypted before being sent, and after), so it doesn't matter if they can get the passwords (which would require rooting one of the servers, which is damn near impossible). Thirdly, not letting users on the network is not an option, thats plain and simple. Fourthly, Samba is still in its infant stage in my opinion, it has had nowhere as many code audits as Apache or Pro-FTPD. I don't trust it. For those of you that would just tell me to shut the hell up about the users/security, I can't take the risk with this kind of data being transferred. I can't say what it is, but I can assure you that its important enough to encrypt it on the server, and store all decryption keys on cd-rws. I forgot to mention though, sniffing is impossible because the network is switched. In order to sniff the passwords, they would already have to have root on the FTP server, which is redundant as hell, because then they could just copy the damn files. And finally, you are correct, 0-day exploits happen all the time. Thus, running less services lessens the propability that there will be a 0-day exploit for the few services that we do run, in which one or more hosts will be comprimised before a patch is available. Its all about statistics, and thats how I sleep at night. Oh yeah, commercial solutions are unacceptable, looks like the user is just going to have to deal with copying the files manually.
cerberusofhate
 

10 More Discussions You Might Find Interesting

1. UNIX for Advanced & Expert Users

percentage sign in a drive mapping ?

Good day all, I'm hoping someone can help me understand what the percentage sign is and does in mapping a drive to a server ? I provided the example for you. (ie \\server1\share%simon) thanks simon2000 (2 Replies)
Discussion started by: simon2000
2 Replies

2. Solaris

OpenSolaris 2008.11 Hard Drive Device mapping

Dear Solaris Experts, I am a bit confused about OpenSolaris Hard Drive device mapping. On RedHat Linux based system, an IDE on first channel master drive is mapped as /dev/hda, first channel slave drive will be /dev/hdb, etc. For (Open)Solaris systems I found it as /dev/rdsk/c3d0p0 : ... (0 Replies)
Discussion started by: Zepiroth
0 Replies

3. Shell Programming and Scripting

Creating a text file in Local Drive

Hi All, I am new in Shell Script. I have a ksh script running in the Unix Server and basically in that script I need to create a text file but the text file has to be generated in the local PC (the user computer such as in C:\ drive). I have no idea on how to do it and I need it pretty urgently.... (2 Replies)
Discussion started by: yramli
2 Replies

4. Web Development

Creating a blog site on a local computer

Hello! I would like to create a blog website on a web domain of mine. The blog will be used for publishing economics-lated articles. I tried to use a few open source packages for blog creation (WorldPress, b2evolution, Movable type) which I wanted to test on a local computer before arranging... (5 Replies)
Discussion started by: degoor
5 Replies

5. AIX

Do I need to configure my local windows to FTP files from local windows to a UNIX AIX server?

Hi Friends, I have this script for ftping files from AIX server to local windows xp. #!/bin/sh HOST='localsystem.net' USER='myid_onlocal' PASSWD='mypwd_onlocal' FILE='file.txt' ##This is a file on server(AIX) ftp -n $HOST <<END_SCRIPT quote USER $USER quote PASS $PASSWD put $FILE... (1 Reply)
Discussion started by: rajsharma
1 Replies

6. HP-UX

configuring site-local IPv6 address

How do I configure site-local IPv6 address in HP-UX box? I can get link local IPv6 address automatically when I put IPv6 up. aps39-88-root# ifconfig lan0 inet6 up (0 Replies)
Discussion started by: kirtikjr
0 Replies

7. Red Hat

drive mapping

What is the eqiuvalent of /dev/dsk/rdsk in linux vs Solaris (1 Reply)
Discussion started by: walnutpony123
1 Replies

8. Debian

How to install package from local hard drive?

Hello, I want to install a .deb package which I already have on the hard drive. I have tried to edit /etc/apt/sources.list to point to the file but apt-get says it can't find it. The package is not in the Debian repository. Debian 6.0 (3 Replies)
Discussion started by: snorkack59
3 Replies

9. UNIX for Dummies Questions & Answers

Execution of local commands for remote site.

Hi all, I have a problem with ftp execution within unix environment. I'd like to get files on remote and delete them later, but here is too crowd so I can accidentally delete some files. Can I delete only the files I can get to the local folder? I can ask this question with a different... (14 Replies)
Discussion started by: attillam
14 Replies

10. UNIX for Dummies Questions & Answers

Mapping drive

please forgive me. i know this is unix forum. CIFS can map to shared windows folder. i just wonder if windows can map to unix shared folder. if yes, please enlight me... (5 Replies)
Discussion started by: lawsongeek
5 Replies

LEARN ABOUT DEBIAN

io::all::ftp

IO::All::FTP(3pm)					User Contributed Perl Documentation					 IO::All::FTP(3pm)

NAME

       IO::All::FTP - Extends IO::All to FTP URLs

SYNOPSIS

	   use IO::All;

	   "hello world
" > io('ftp://localhost/test/x');  # save to FTP
	   io('ftp//example.org/pub/xyz') > io('xyz');	    # GET to file

	   # two ways of getting a file with a password:
	   $content < io('ftp://me:secret@example.org/xyz');
	   $content < io('ftp://example.org/xyz')->user('me')->password('secret');

DESCRIPTION

       This module extends IO::All for dealing with FTP URLs.  Note that you don't need to use it explicitly, as it is autoloaded by IO::All
       whenever it sees something that looks like an FTP URL.

METHODS

       This is a subclass of IO::All::LWP. The only new method is "ftp", which can be used to create a blank IO::All::FTP object; or it can also
       take an FTP URL as a parameter. Note that in most cases it is simpler just to call io('ftp//example.com'), which calls the "ftp" method
       automatically.

OPERATOR OVERLOADING

       The same operators from IO::All may be used. < GETs an FTP URL; > PUTs to an FTP URL.

SEE ALSO

       IO::All::LWP, IO::All, LWP.

AUTHORS

       Ivan Tubert-Brohman <itub@cpan.org> and Brian Ingerson <ingy@cpan.org>

COPYRIGHT

       Copyright (c) 2007. Ivan Tubert-Brohman and Brian Ingerson. All rights reserved.

       This program is free software; you can redistribute it and/or modify it under the same terms as Perl itself.

       See <http://www.perl.com/perl/misc/Artistic.html>

perl v5.10.0							    2007-03-29							 IO::All::FTP(3pm)
All times are GMT -4. The time now is 10:36 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy