Re: [cobalt-security] Secure FTP

[Goetz Lohmann <goetz.lohmann@xxxxxx>]

David Lucas schrieb:

> At 01:30 PM 4/2/2003, you wrote:
>
>> On Wed, 02 Apr 2003 20:15:06 +0200, you wrote:
>>
>> >now you could use a TLS/SSL capabel FTP Client like WS-FTP Pro
>> (comercial)
>> >or the free SmartFTP v1.0 from http://www.smartftp.com ;-)
>>
>> hi
>> i have to add our ftpvoyager to this list - either on
>> www.ftpvoyager.info
>> or www.ftpvoyager.com
>>
>> *couldn't resist*
>> hk
>
>
> Now your reply is just spam.  Your mentioned software does nothing for
> the situation.  It is nice that your software can do secure file
> transfer, but it takes a server to make it work.

you say spam, I say its just an idea.

Yes, it took a server ... but the server to install is far same easy as
the crippy way of https and its a think to mention in fact that
the clients also could operate as a default ftp program. As long as I
dealed with people was, that it's easyer to give them a cheap
tool which they can handle like before (a common ftp client) then to
told them to learn the the whole world new (just my opinion)

and ... Yes ... you might do this by HTTPs ... but did you ever tryed to
get more than 5 MByte with that and got a broken download?
It's quite in the name ... HTTP=HyperTextTransferProtocol,
FTP=FileTransferProtocol ... if you like to do file transfers ... use FTP,
but I'm sure you know that ... but that was the way I thought first to
give just a little idea what is possible else ...

and ... Yes ... you could do that with scp ... did you ever told a
customer all the command line codes of it ... a nice tool I also use
but the question was to easy do FTP the secure way ... that was just my
buggy answer ... not much and maybe you could blame
me that he told "without third party tool" ... but as I thought,
sometimes it's better not too try to reinvent the wheel
</?p=iB2QE.&search=wheel> and instead do
it another way.

It was just a suggestion ... but please ... don't came me along with spam !

>   The Raq does not have a secure ftp server out of the box.  This is
> the first thing a person has to deal with to get secure ftp to work. 
> I believe the current version of WSFtp also allows secure ftp via
> ssl.  I uninstalled it (downgraded) as the newer versions round of
> file sizes to a size too large (1k increments) 

it was just a suggestion ... not the golden way I told !
I choose the proftpd deamon cause it is compatible with the installed
version in the RaQ and the wsftp client cause it is one of
the most popular FTP clients around which I know could handle TLS/SSL,
never Told that it is the best and only way !

>
> WinSCP is not necessarily the answer either (for those who mentioned
> it).  WinSCP is a nice product, BUT. the person can browse the entire
> server.  Some people are not happy with this "feature".  (It is not
> the product, but the server as WinSCP is just using SSH and that on
> Linux that allows it, correct gurus?) 

WinSCP is quite another suggestion and it depend's on the server
configuration if you see the whole server.
gurus ? ... maybe if you feel pissed on by the things I said ... SORRY
... or did I get your ironic wrong, but here is not the place for this ?

and yes ... I feel sad ... cause all I read from you is, that all what
other people said is just bullshit but a better way to do was left ...

:-(

regards

-- 

¸,ø¤°`°¤ø,¸_¸,ø¤°`°¤ø,¸_¸,ø¤°°¤ø,¸_¸,ø¤°`°¤ø,¸_¸,ø¤°°¤ø,¸

Götz Lohmann  |  D-Mannheim  |  Web-Developer & Sys-Admin
---------------------------------------------------------
He's the fellow that people wonder what he does and why
the company needs him, until he goes on vacation.
¸,ø¤°`°¤ø,¸_¸,ø¤°`°¤ø,¸_¸,ø¤°°¤ø,¸_¸,ø¤°`°¤ø,¸_¸,ø¤°°¤ø,¸