Re: Are FTP Clients on unix boxes turned off?
From: Mark Rafn (dagon_at_dagon.net)
Date: 02/03/05
- Previous message: Timothy J. Bogart: "Re: Are FTP Clients on unix boxes turned off?"
- In reply to: Divakar: "Are FTP Clients on unix boxes turned off?"
- Next in thread: Dave Hinz: "Re: Are FTP Clients on unix boxes turned off?"
- Reply: Dave Hinz: "Re: Are FTP Clients on unix boxes turned off?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Date: Thu, 3 Feb 2005 14:28:33 -0800
Divakar <divakar.j@gmail.com> wrote:
>In one of my assignments, we are trying to propose a solution involving
>using ftp clients on unix boxes.
Generally this is a bad place to ask homework questions, but this one is
specific, interesting, and not asked every week - nice job :)
Does the assignment specify use of FTP, or is this negotiable? FTP is an
annoying protocol network-wise (lack of encryption, use of multiple
connections), and should probably be avoided if possible. Command-line
HTTP or SSH clients like wget or scp are somewhat less available out of
the box, but can be added to almost all systems, and allow you better
security, scriptability, and flexibility in network firewalling.
>how unix sysadmins typically look at ftp clients on a unix box.
>1. First of all, Are ftp clients available by default on all main unix
>platforms ? (Aix, Solaris, HPUX, Linux etc.)
Mostly, yes, for default installs of the OS. The server is usually disabled,
but the client is usually there if any client network tools are. Like any
specific, this is only "mostly", there are no guarantees.
>2. Do sysadmins perceive using ftp clients on unix boxes as a security
>threat of some sort.
Smart sysadmins discourage its use, but it's not a threat in itself. It may
be removed as part of a "remove EVERYTHING that you don't absolutely need"
policy, which has some value.
Passwords are generally sent plaintext in FTP, so it's not considered even a
vaguely secure protocol. There are newer versions that encrypt the
authentication, but most of what you'll find installed by default won't.
-- Mark Rafn dagon@dagon.net <http://www.dagon.net/>
- Previous message: Timothy J. Bogart: "Re: Are FTP Clients on unix boxes turned off?"
- In reply to: Divakar: "Are FTP Clients on unix boxes turned off?"
- Next in thread: Dave Hinz: "Re: Are FTP Clients on unix boxes turned off?"
- Reply: Dave Hinz: "Re: Are FTP Clients on unix boxes turned off?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Relevant Pages
|
