Re: How safe are FTP servers?
- From: Ertugrul Soeylemez <do-not-spam-me@xxxxxxxx>
- Date: Wed, 23 May 2007 04:29:42 +0200
Sylvain Robitaille <syl@xxxxxxxxxxxxxxxxxx> (07-05-21 04:26:54):
You should at least force SSL and authenticate that way. FTP is the
worst protocol to send files through.
Many would disagree with you on that. FTP was _designed_ for
transferring files, after all. It *is*, however, the worst protocol
to send user authentication through ...
I'm unable to find a worse protocol. Unclear specifications (like how
to interpret file listings) and a nightmare for firewalled hosts.
Further it is pretty limited by itself. You will do a lot of useful
stuff through extensions, and that's bad either.
It was designed for that purpose when there were no other general
purpose alternatives, but it's showing its age already.
Security is the one concept, which makes things in your life stay as
they are. Otto is a man, who is afraid of changes in his life; so
naturally he does not employ security.