I think the unsafe part of the ftp is that it uses two different ports and
by default one is outbound and the other is inbound. Port 21 is used for
sending ftp commands and the other port(20 by default) is used for actual
data. All client I have seen changes the data port to something else and
that could be a problem with the firewall.
-----Original Message-----
From: David Rothman [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, March 13, 2001 6:14 AM
To: [EMAIL PROTECTED]
Subject: but exactly which part of ftp is possibly unsafe?
with all this current ftp discussion and my thread on ftp
from a few weeks ago, i will bring up this question again:
Posed simply, many claim that ftp is 'unsafe', but where is
the risk? from what i understand, ftp doesn't have any
built in encryption, so to the extent that a file can be
intercepted, it can also be read (unless the user manually
encrypts the file). If that is the major security concern,
well ok, that at least is something that is manageable. If,
OTOH, the concern is that a server (to make it simple,
assume one running on a win 2000 pro OS) can be corrupted
and broken in to (meaning one can bypass any password
protection and/or have access to all files on that machine -
not just the restricted zomes) well, that's a much larger
problem.
so, again, in a broad sense, where is the risk and is it a
real or apocryphal?
---------------------------------------------------------------------
To unsubscribe, send a message with the line: unsubscribe vnc-list
to [EMAIL PROTECTED]
See also: http://www.uk.research.att.com/vnc/intouch.html
---------------------------------------------------------------------
---------------------------------------------------------------------
To unsubscribe, send a message with the line: unsubscribe vnc-list
to [EMAIL PROTECTED]
See also: http://www.uk.research.att.com/vnc/intouch.html
---------------------------------------------------------------------
