[Dshield] My graphics guy sent me the following message thism orning...I'd love to hear comments/thoughts/advice:

Kenton Smith ksmith at chartwelltechnology.com
Tue Feb 3 21:24:22 GMT 2004


My advice would be to use what you are most confident with. In my
experience, poorly configured FTP servers are always the first to get
compromised. I would choose some form of *nix but if you are most
comfortable with Windows and can securely configure it, go that route
and play with Linux in a slightly less "volatile" situation.

Kenton

On Tue, 2004-02-03 at 13:00, Louis Hablas wrote:
> Thanks all re: the replies, including the laughs.
> Yes...Steganography...that was a good one.  The reason for .jpg blocking has
> to do more with some of the crap that people inside/outside of the office
> pass around more than anything related to virii...but I digress.
> 
> As many of you suggested and as I'd been contemplating same, I'll probably
> drop a ftp box outside of our firewall and let my graphics guy 'own' it (for
> the most part).  I'm not a UNIX guy, but this might be as good a place to
> jump in as anyplace.  Along these lines, what flavor would be the easiest
> for me to get in place AND be secure out of the box; also, any ftp recs.
> along same lines.
> 
> I could also build a Windows box, lock it down except for base services and
> then install a 3rd party ftp server like Bulletproof.  Any other thoughts
> re: going this route?  Any recs re: other 3rd party ftp servers to consider?
> 
> Thanks again.
> 
> Lou
> 
> -----Original Message-----
> From: list-bounces at dshield.org [mailto:list-bounces at dshield.org]On
> Behalf Of Lauro, John
> Sent: Tuesday, February 03, 2004 2:23 PM
> To: General DShield Discussion List
> Subject: RE: [Dshield] My graphics guy sent me the following message
> thismorning...I'd love to hear comments/thoughts/advice:
> 
> 
> > -----Original Message-----
> > This is also better than email attachments from a bandwidth 
> > point of view. Remember, base64-encoding a file causes it to 
> > expand in size by about 40%.
> > 
> It is better in terms of NET badwidth.  However, not in terms of
> bandwidth that each of the end user needs to see, and thus a loss in
> terms of productivity.  If it's e-mail the transfer over the slower
> link between sites happens in the background.  If FTP, then one has to
> go and poll the FTP server to see if something is there, instead of
> getting it in an e-mail as soon as it's transferred.  Plus either the
> sender or receiver must wait for the transfer (granted, other windows
> could be open), but it boils down to being less productive.  
> 
> Here is another option...
> 
> Have the user get a yahoo account.  It's free, and he can attach .jpg
> files.  Of course this make the bandwidth issue like FTP, but still
> have the convience of e-mail.
> 
> _______________________________________________
> list mailing list
> list at dshield.org
> To change your subscription options (or unsubscribe), see:
> http://www.dshield.org/mailman/listinfo/list
> 
> 
> The information contained in this message may be CONFIDENTIAL and is for the
> intended addressee only.  Any unauthorized use, dissemination of the
> information, or copying of this message is prohibited.  If you are not the
> intended addressee, please notify the sender immediately and delete this
> message.
> _______________________________________________
> list mailing list
> list at dshield.org
> To change your subscription options (or unsubscribe), see: http://www.dshield.org/mailman/listinfo/list




More information about the list mailing list