[Dshield] FTP server strange logins

Cefiar cef at optus.net
Wed Aug 23 01:47:09 GMT 2006


On Wednesday 23 August 2006 08:26, markfugate4 at comcast.net wrote:
> I have never understood why people still use FTP when SH/SCP is available? 
> FTP is inherently dangerous and difficult to firewall.  I have always put
> my customers on SSH which has always greatly simplified operations.

I would of course MUCH prefer people/apps went to SCP/SFTP (SSH), but you have 
a number of problems:
 FTP is commonly supported
 FTP is used by a lot of apps internal stuff (eg: downloading updates)
 FTP is trivial to support in code, whereas crypto can be hard to do right
 SFTP/SCP has no Anonymous support
 SFTP/SCP doesn't seem to have the option of Virtual machines and/or users 
without serious hacking about in the code or by using things like PAM/LDAP, 
the complexity and maintenance of which puts people off using it

These are just things off the top of my head, and I may even be wrong about 
the SFTP/SCP bits (Re: Anonymous or Virtual users), though I have personally 
never seen them done. That impression alone shows that such solutions are not 
as common place as with FTP.

-- 
 Stuart Young - aka Cefiar - cef at optus.net


More information about the list mailing list