FTP with authentication to RADIUS

Andrew Brown twofsonet at graffiti.com
Fri Jan 5 15:27:59 UTC 2001


>1) many versions of FTP make you system vulnerable to root cracks.

...which are problems that need to be fixed.  if you know of any...

>2) There is NO way to run FTP in a SSH tunnel because it uses dynamic port
>assignments.

well...that's not entirely true.  you can tunnel the command channel,
just not the data channel.

>3) FTP logins are plain-text.

sure, which is why you tunnel them via ssh, or use ipsec.
actually...if you use ipsec, you can get the data protected as well.

>For sharing files, with anonymous users, HTTP is much better (see:
>http://files.dnso.net)

for sharing files with anonymous users, i'll always be using anonftp.

-- 
|-----< "CODE WARRIOR" >-----|
codewarrior at daemon.org             * "ah!  i see you have the internet
twofsonet at graffiti.com (Andrew Brown)                that goes *ping*!"
andrew at crossbar.com       * "information is power -- share the wealth."




More information about the NANOG mailing list