RE: Ten least secure programs

From: David Gillett (gillettdavid_at_fhda.edu)
Date: 07/03/03

  • Next message: Tim Greer: "Re: Ten least secure programs"
    To: "'Jay D. Dyson'" <jdyson@treachery.net>, "'Security-Basics List'" <security-basics@securityfocus.com>
    Date: Thu, 3 Jul 2003 09:13:58 -0700
    
    

    > FTP (use scp instead)
    > POP (use SSH+POP instead)
    > IMAP (use IMAP+stunnel instead)
    > Kazaa (nufsed)
    > Clear-text IM services (use Jabber+SSL instead)

      The value of a "bottom ten" list is extremely limited,
    IMNSHO, unless it includes alternative recommendations.
    The list doesn't have to be exhaustive, and there are
    exceptions such as Kazaa, but for business-critical
    functions like web and email, it does no good to warn
    about specific implementations unless you also indicate
    that more-secure alternatives exist.
      Jay's offerings above set an excellent example.

    David Gillett

    ---------------------------------------------------------------------------
    Evaluating SSL VPNs' Consider NEOTERIS, chosen as leader by top analysts!
    The Gartner Group just put Neoteris in the top of its Magic Quadrant,
    while InStat has confirmed Neoteris as the leader in marketshare.
         
    Find out why, and see how you can get plug-n-play secure remote access in
    about an hour, with no client, server changes, or ongoing maintenance.
              
    Visit us at: http://www.neoteris.com/promos/sf-6-9.htm
    ----------------------------------------------------------------------------


  • Next message: Tim Greer: "Re: Ten least secure programs"