Re: FTP security

---

• From: "Roger Abell [MVP]" <mvpNoSpam@xxxxxxx>
• Date: Wed, 27 Sep 2006 01:15:06 -0700

---

"beachboy" <jpsteambun@xxxxxxxxxxxx> wrote in message
news:ehhoOTf4GHA.3644@xxxxxxxxxxxxxxxxxxxxxxx

I have a enquiry about the security measurement for FTP connection:

If we release the ftp to trusted user, is possible they can hack the
machine
through asp component (e.g: filesystem object.. etc)
Please advise. Thanks.

If you have actually asked what you intended, then no.

FTP is entirely separated from Asp executability.

If your FTP allows for escaping to remote execution and the
account in use has the permissions to execute (and write),
then such could feasibly be invoked, but then the likes of a
create object could then come about in many ways.


.

---

• References:
  • FTP security
    • From: beachboy

• Prev by Date: Re: Windows 2003 domain password policy
• Next by Date: Re: Windows 2003 domain password policy
• Previous by thread: FTP security
• Next by thread: Re: FTP security
• Index(es):
  • Date
  • Thread

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint

www.derkeiler.com  > Newsgroups  > microsoft.public.windows.server.security  > 2006-09