RE: Secure FTP

From: <jbeauford@xxxxxxxxxxxxxxxxx>
Date: Mon, 26 Mar 2007 14:59:42 -0400

SSL-Explorer

MaddHatter wrote:

We have a public facing FTP server that we would like to secure.
... What is the best way to secure this FTP server? I've =
tried SFTP, but was just curious as to what else is out there.

There's nothing you can do to "fix" FTP. _If_ you really want FTP,
SFTP (a separate draft standard based on ssh) is the way to go. You
could direct customers to a popular and user-friendly client such an
WinSCP (http://winscp.net). For the server, you could use OpenSSH
through Cygwin or something similar (the price is right -- free). My
favorite is WinSSHD (http://www.bitvise.com/), which is reasonably
priced. Or there's lots of less-reasonably-priced commercial
solutions.

For other ideas, there's also SSL-FTP (traditional FTP wrapped in
SSL), which seems to have fallen out of favor. You could use normal
FTP but require clients connect to an encrypted VPN before initiating
the FTP session (*ick*).

For your application, you probably don't need FTP at all. Here's what
I'd suggest. Make an SSL-protected web page to authenticate your
clients and allow them to upload files via a web form. You have
complete control over the interface, what happens to the files, who
can put what where, and all the security concerns. It's all your
company's code, so nobody else can decide to change/remove the one
essential feature you need(ed). Your customers certainly already have
a web browser, so they don't need to download and learn to use
another foreign program. If you're a Windows shop -- and it sounds
like you are -- you can just add onto the IIS setup you're already
using, no need to install, configure, maintain, and secure another
service. I think the cheapest SSL certificate provider right now is
GoDaddy.

Follow-Ups:
- Re: Secure FTP
  - From: Michael Louie Loria

References:
- Secure FTP
  - From: aaronr
- Re: Secure FTP
  - From: MaddHatter

Prev by Date: Re: how to block web messenger services
Next by Date: DHL connect software
Previous by thread: Re: Secure FTP
Next by thread: Re: Secure FTP
Index(es):
- Date
- Thread

Relevant Pages

Re: How 2 secure PC-PC data transfer
... The assumption that you are going to open your machine to attack is one of the worst ideas ... I have no idea what you mean by "not that secure". ... connecting a parallel port cable from PC to PC will work. ... If you have a front-end software that blocks all incoming FTP requests from the WAN (look ...
(microsoft.public.vc.mfc)
Re: FTP
... >from a website to my computer VIA ftp. ... but who knows if your ftp server supports any of those ... service doesn't have any secure options, meaning the ftp session cannot be ... 1) have your designer fetch the database using ssl. ...
(comp.security.misc)
Re: Changing sftp-server to some other ftp server
... > I have been doing some research on secure ways of using ftp. ... but have the ssh encyption and authentication. ... > there are any sftp client out there can take advantage from it, ...
(comp.security.ssh)
Re: How many CALs do I need?
... > FTP Server: Box will have FTP. ... > 1 login name and password that everyone would share. ... > Secure Web Pages: Our website will have a 'secure' section that you must ... > logging in at any given time, but it will all be under the same account ...
(microsoft.public.windows.server.sbs)
How many CALs do I need?
... FTP Server: Box will have FTP. ... login name and password that everyone would share. ... Secure Web Pages: Our website will have a 'secure' section that you must ... logging in at any given time, but it will all be under the same account ...
(microsoft.public.windows.server.sbs)