Re: securing communication channel (FTP) - Need Suggestions

From: Gustavo Paredes (gustavo.paredes_at_internet-solutions.com.co)
Date: 06/28/05

  • Next message: Paule: "Acid Not Displaying PortScan Traffic" 
    To: <vicky.rode@gmail.com>, <security-basics@securityfocus.com>
Date: Mon, 27 Jun 2005 17:52:46 -0500

    Hi, you can use scp whitout interactive authentication.

    Cordial saludo,

             Ing. Gustavo Paredes M.
          Security Consultant - CISSP
           Internet Solutions Colombia
      "The Information Security Experts"
    http://www.internet-solutions.com.co
     gustavo.paredes@internet-solutions.com.co
           Phone (movil):(300)2089644
     Phone (office):(091)3120910 ext 12

    CONFIDENCIAL. La información contenida en este e-mail y cualquier archivo
    anexo es confidencial y sólo puede ser utilizada por el individuo o la
    compañía a la cual está dirigido. Si no es usted el destinatario
    autorizado, cualquier retención, difusión, distribución o copia de este
    mensaje está prohibida y es sancionada por la ley. Si por error recibe este
    mensaje, le ofrecemos disculpas y le agradecemos reenviar el mensaje al
    emisor original y eliminarlo de su inbox inmediatamente.
    ----- Original Message -----
    From: "Vicky Rode" <aptgetd@gmail.com>
    To: <security-basics@securityfocus.com>
    Sent: Monday, June 27, 2005 3:18 PM
    Subject: securing communication channel (FTP) - Need Suggestions

    > Hi,
    >
    > I'm looking at ways trying to secure communication channel (file
    > transfer to be specific) which occurs between my master (ftp
    > downloads)/slave (remote clients) FTP servers. Since this communication
    > channel is in the clear which means anyone listening can acquire the
    > login credentials. Not to mention man-in-the middle attack.
    >
    > I'm currently pondering using one of the following options and was
    > wondering if anyone could provide their thoughts and feedback (pros/cons):
    >
    >
    > (1) Secure FTP (SSL:FTPS)
    >
    > - Any pitfalls I need to be aware of from a setup/implementation
    standpoint?
    > - How would the authentication to MySQL user database work?
    >
    > (2) Secure HTTP (https)
    >
    > - Any pitfalls I need to be aware of from a setup/implementation
    standpoint?
    > - How would the authentication to MySQL user database work?
    >
    > (3) a. Scp:
    > b. Sftp: Is it an interactive program? Does it provide
    > non-interactive authentication?
    >
    >
    > Any pointers will be greatly appreciated.
    >
    >
    >
    > regards,
    > /vicky
    >
    >
    >
    >

  • Next message: Paule: "Acid Not Displaying PortScan Traffic"

    Relevant Pages

    • Re: secure transfers and authentication
      ... destination using SCP? ... > certificates from our Certificate authority to do the authentication and ... > then https to transfer the data. ... Comment: Using GnuPG with CentOS - http://enigmail.mozdev.org ...
      (Security-Basics)
    • Using SCP on 877 with PPPoE
      ... Have several customer 877s deployed that we want to maintain by pushing out configurations using SCP. ... However, when we enable SCP, it breaks PPPoE authentication. ... Again, the above config works for scp, but breaks dialer ppp. ...
      (comp.dcom.sys.cisco)
    • Re: secure transfers and authentication
      ... I second the scp and maybe add the sftp protocol as well. ... certificates from our Certificate authority to do the authentication and ... then https to transfer the data. ... Comment: Using GnuPG with CentOS - http://enigmail.mozdev.org ...
      (Security-Basics)
    • RE: SCP help
      ... There are a couple of options you have with SCP. ... good idea, with a password, this way you can start up trusted hosts ... key authentication should ensue. ... Hi I am trying to write a script using scp in which I would like to pass ...
      (SSH)