On Sun, 2004-06-20 at 20:23 -0600, Aly Dharshi wrote: > > FTP+ssl is just as bad. One of the problems is the way the client talks > > with the server, and not just the authentication. > > No it is not bad, I work for a large ISP and ftp is great for most > people they can easily get something that can do ftp, secondly its > extremely simple to use, you can drag and drop, even in an Microcrap > environment, which is what most average users use out there. Imagine > trying to educate someone about ssh et al, ftp is simple, ftp + ssl is > even better, one can give people the ability to use the same simple > system system without having them hit another learning curve and provide > security for them in the process. You keep avoiding the issue: the protocol. You can't make decent filters to handle it unless you use a dedicated ftp proxy that allows specifying a limit to the ports that will be opened. > I haven't seem many sftp/scp proggies out there, WinSCP being the > exception that does really well. FTP has been around for a while and can > do the job for trivial things. Usually tech savvy people are the ones > employing ssh technologies. :) Wincrap users can use webdav over ssl with client side certificates (if needed) and mount web shares quite easily. Even over a normal proxy. Rui
Attachment:
signature.asc
Description: This is a digitally signed message part
