[Dshield] FTP server strange logins
cef at optus.net
Wed Aug 23 01:47:09 GMT 2006
On Wednesday 23 August 2006 08:26, markfugate4 at comcast.net wrote:
> I have never understood why people still use FTP when SH/SCP is available?
> FTP is inherently dangerous and difficult to firewall. I have always put
> my customers on SSH which has always greatly simplified operations.
I would of course MUCH prefer people/apps went to SCP/SFTP (SSH), but you have
a number of problems:
FTP is commonly supported
FTP is used by a lot of apps internal stuff (eg: downloading updates)
FTP is trivial to support in code, whereas crypto can be hard to do right
SFTP/SCP has no Anonymous support
SFTP/SCP doesn't seem to have the option of Virtual machines and/or users
without serious hacking about in the code or by using things like PAM/LDAP,
the complexity and maintenance of which puts people off using it
These are just things off the top of my head, and I may even be wrong about
the SFTP/SCP bits (Re: Anonymous or Virtual users), though I have personally
never seen them done. That impression alone shows that such solutions are not
as common place as with FTP.
Stuart Young - aka Cefiar - cef at optus.net
More information about the list