[Tfug] Our website
Stephen Hooper
stephen.hooper at gmail.com
Tue Apr 24 07:31:25 MST 2007
On 4/24/07, George Cohn <gwcohn at simplybits.net> wrote:
> Stephen Hooper wrote:
> > On 4/23/07, Matt Jacob <matt.jacob at gmail.com> wrote:
> >
> >>>Thoughts?
> >>
> >>FTP is inherently insecure and SFTP or SCP should be used instead. :-P
> >>
> >
> >
> > Dude. I know it sounds cool to say "inherently insecure", but that is
> > bullshit: nothing is inherently insecure about FTP.
>
> I think that idea is because the default action of ftp is to send the
> password in clear text, hence the possibility of a "man in the middle"
> sniffer.
Except over an IPSEC tunnel, but I did understand what was meant, but
there is nothing inherently insecure about ftp: you can make it as
secure as SSH if you choose to do so.
>
> I'm not paranoid but I use SSH and VSFTP just to alleviate those fears.
>
Fair enough... I doubt we will be seeing many anonymous SSH sites though.
More information about the tfug
mailing list