Re: Watch out! vsftpd anonymous access always enabled!
Quoting Robert Brockway (robert@timetraveller.org):
> If he really cares about the data (and let's face it, everyone cares about
> their data :) then I'd recommend dispensing with ftp entirely and using
> scp or sftp (ssh v2) if the client needs to shift data to or from the box.
> Configure this for RSA/DSA access only (no password access) and possibly
> lock it down with a firewall as well (after recent events). You can even
> go one step further and have the sensitive data seperated from the
> upload/download box (there are various ways to aproach this).
I know how to secure a box, and I know how to shift data securely.
Unfortunately some customers want to pay for a solution where they can just
use their silly M$ program like they're used to, and refuse 'complicated'
solutions. Also, in this case, $customer likes to offer 3rd parties data
protected with a username and password, trough ftp, as they (the 3rd parties)
have been doing it for years. So we deliver as requested. Thanks for the
reply though ;)
Greets,
Robert
--
/^"- '-(\__/)-' -"^\
'-.' oo '.-' Holy Jesus! What are these goddamn animals?!
`-..-'
Finger rvdm@db.debian.org for my GPG key.
Reply to: