Re: sftp speed degradation with ZA?

From:
Date: 05/24/02 

Date: 24 May 2002 19:28:49 GMT

Hi,

I made a mistake in the following posting.
sftp seems to be 1 to 2 orders of magnitude
slower than ftp in my setup, even with
ZoneAlarm inactive. Is this an inherent
bottleneck with sftp , or is there something I
can do to alleviate this?

Fred

-------------------------------------------
Fred Ma
Department of Electronics
Carleton University, Mackenzie Building
1125 Colonel By Drive
Ottawa, Ontario
Canada K1S 5B6
fma@doe.carleton.ca
===========================================

Shing-Fat Fred Ma wrote:

> Hello,
>
> I'm using sftp on Cygwin_ME-4.90
> to access a solaris 8 machine. I noticed
> that the speed is about 1/10 of cygwin's
> normal ftp. As might be obvious from the
> cygwin version, it is running on WinME.
> I can't seem to query cygwin's sftp for a
> version, but it the ssh version is
>
> OpenSSH_3.0p1,
> SSH protocols 1.5/2.0,
> OpenSSL 0x0090602f
>
> The ssh version on the solaris box is
>
> OpenSSH_2.9p2,
> SSH protocols 1.5/2.0,
> OpenSSL 0x0090602f
>
> which I hope is indicative of the sftp server
> version, somehow.
>
> I cannot believe that the encryption cuts
> the bandwidth from about 3.5Mbps during
> *busy* times to 0.44Mps during *nonbusy*
> times (otherwise, security is way too costly).
> It should be the other way around.
>
> I then noticed that my ZoneAlarm2.6.362
> LEDs indicating download traffic is very busy
> using sftp, but not using ftp. This indicates
> to me that ZA is the reason for the bandwidth
> reduction (I've also experienced the same
> effect when using VNC GUI tool for accessing
> remote hosts).
>
> Has anyone else had this experience? Is
> there a way to get the security of sftp and
> ZA without the bandwidth degradation?
> Do I even have to worry about ZA if I
> have no shared printers/files and no
> servers running on WinME? The good
> thing about ZA is that it's free, and moving
> to another firewall entailsa a rampup time of
> not only learning to use it, but also to get to
> know its surprise limitations and workarounds.
>
> Thanks for any comments.
>
> Fred
> -------------------------------------------
> Fred Ma
> Department of Electronics
> Carleton University, Mackenzie Building
> 1125 Colonel By Drive
> Ottawa, Ontario
> Canada K1S 5B6
> fma@doe.carleton.ca
> ===========================================

Relevant Pages

  • Re: Cannot access an external SFTP site from behind SBS 2003 R2/ISA 2004! HELP!!!
    ... Base on my further research, using SFTP in Explicit mode goes over port 21, ... built in FTP filter as the commands are encrypted. ... Please open the ISA management console, navigate to Firewall Policy, ... Microsoft CSS Online Newsgroup Support ...
    (microsoft.public.windows.server.sbs)
  • Re: SPAM sudden increase
    ... > Dude was on a tech call with f-secure and the tech asked, "So, ... dude is trying to FTP to their server using WSFTP. ... but I think he is talking about sftp protocol - FTP via ...
    (alt.2600)
  • Secure FTP Factory 5.7 released
    ... JSCAPE is please to announce the release of Secure FTP Factory 5.7. ... Enhancement: Added ASCII file transfer support for sftp servers using ...
    (comp.lang.java.announce)
  • Re: sftp speed degradation with ZA?
    ... bottleneck with sftp, ... > normal ftp. ... > SSH protocols 1.5/2.0, ... > to me that ZA is the reason for the bandwidth ...
    (comp.security.firewalls)
  • Re: hack attempt on my server...What do you do about this?
    ... the first option is not to run vsftpd at all. ... which you can not do using sftp to log into you box. ... You don't need a separate ftp server to run it, ...
    (Fedora)