The biggest issue being that if you have to pass authentication credentials securely ftp isn't very good... wrappering it in ssl is an improvement but client support isn't really there... The real reason ftp still exists is anonymous file access. in that context what's important is that someone not be able to root the box through the ftp server, hog resources, or fill directories up with warez... for secure authenticated access ssh/scp/sftp are really the way to go On Sun, 1 Feb 2004, Jason Dixon wrote: > On Sun, 2004-02-01 at 14:02, Cowles, Steve wrote: > > > Despite Jason's rather narrow minded view of what constitutes a secure > > service... I have been running pute-ftpd for a couple of years now. To this > > day, I have not regretted that decision. > > Gosh, what was I thinking. You've never experienced an exploit, so FTP > must be secure. Wow, was I ever being narrow minded (along with the > rest of the security community). > > :-P > > -- -------------------------------------------------------------------------- Joel Jaeggli Unix Consulting joelja@xxxxxxxxxxxxxxxxxxxx GPG Key Fingerprint: 5C6E 0104 BAF0 40B0 5BD3 C38B F000 35AB B67F 56B2
