Visit Our UNIX and Linux User Community


FTP debate...


 
Thread Tools Search this Thread
Top Forums UNIX for Dummies Questions & Answers FTP debate...
# 8  
Old 10-21-2002
The SANs report for SSH vulnerabilities is for older releases and in particular and more broadly open SSH releases. My advise would be to not quickly berate SSH just because of that. SSH (older versions) had problems, but with the exception for a trogan at the OpenSSH and mirror sites, the commercial distributions (like SSH) are much more secure than FTP, etc.

A single release problem ior two in an application does not merit the negative SSH blurbs. Recent releases are fine...... so far Smilie Let's tone down the SSH negative comments. Might be better to say:

"with SSH, make sure you are using the most recent version..."

because the recent version is OK, according to SANS ......

OBTW: this applies to just about all software Smilie
# 9  
Old 10-22-2002
I understand that, I definitely use ssh when connecting via the internet. I don't think it's right to dump on FTP or telnet, though, especially when similar problems occur with other protocols/applications.

The problem with so-called "secure" software, like ssh, is that it's taken for granted. Most users jump and say what the poster above said. Security is about mitigating the ineviatable. There is no security catch-all. Let's not delude ourselves.

So are you more likely to get your passwords sniffed by some man-in-the-middle, or are you more likely to get hit by the next ssh-exploiting worm that floats by? It's hard to say...

And don't forget, the versions with holes in them were at one time "the most recent version"... Smilie

My point was that ssh is not foolproof. It takes as much work to secure a box with only ssh remote access as it does to secure one using telnet or ftp or whatever. I by no means think everyone should stop using ssh, but I also don't believe that telnet should not be used either.
# 10  
Old 10-23-2002
I don't want to interrupt your ssh debate, but I would like to point out another option. The company that I work for uses ftp to distribute data to our clients. I don't like ftp very much. But we have to use a protocol that is widely available to our clients. This simply shuts the door on sftp.

But just about every web browser can handle HTTPS. It has its flaws too. But it's firewall friendly. It is truly very secure. If you really trust that "third party" who issues the certificates, you can argue that it is more secure than ssh because the "initial contact" problem goes away.

And HTTPS runs on a service called SSL which really could be used for any TCP based service. Yeah, that's a big "could be". But HTTPS is very secure and very available today.

I haven't had much luck promoting HTTPS around here. Still, I thought it might be worth a mention in this thread...
 

Previous Thread | Next Thread
Test Your Knowledge in Computers #847
Difficulty: Medium
Proximity marketing is the localized wireless distribution of advertising content associated with a particular place.
True or False?

4 More Discussions You Might Find Interesting

1. Linux

Where are people landing on the sytemd debate?

My two primary distros are Gentoo and Debian and I'm a fan of the older more traditional init system but as we all know Debian is moving to systemd. Not sure how impartial the crowd is here but I'd like to hear people's opinions. (4 Replies)
Discussion started by: Swathe
4 Replies

2. HP-UX

[Solved] Unable to rename file in ftp server .Net:FTP perl

Hello All, I am trying to connect to ftp server and get the files. Also i need to rename the file in other ftp dir. rename method is not allowing me to rename the file in other dir. When i tried copy command by using net::FTP:FILE then perl says it is not installed. Can some body help me to... (2 Replies)
Discussion started by: krsnadasa
2 Replies

3. UNIX for Advanced & Expert Users

Using FTP to check whether file is completely FTP... plz find the description below

Hi, We have some clients who will place huge files in to one of the remote server. And the shell script written in our local server to retrieve client files (using FTP) placed on one of the remote server of ours by clients. My question Is there any FTP command/script to check from my local... (1 Reply)
Discussion started by: nmsrao
1 Replies

4. Linux

Linux-laptop compatibility debate

Hey guys, i use my mac laptop and i love it, but i have decided its time to break the mold and use linux, and since linux on macs suck, i need to know what kind of pc to build... I want to know what kind of motherboard, wireless cards, hard drives, laptops, video cards, and etc. people have had... (3 Replies)
Discussion started by: mesaynaysayer
3 Replies

Featured Tech Videos