low-power x86 computer

"Objection, your honor!" FTP cannot possibly be made "secure" by methods only dealing with server machines, OSs and configuration, because none of that will even begin to touch its single biggest flaw: passwords going over the net in clear text. If you used only anon FTP, that'd be a different story, but I don't recall that restriction having been mentioned anywhere in this thread.

That I agree with whole-heartedly. I'ld even turn it around and say: if you need "graphical access" to it, it doesn't really qualify as a server box.

Windows admins may be used to thinking otherwise, but that's really just a bad habit. Thus the old joke of how you can tell a Windows admin from a Unix one on sight: one of them has to run around the place so much he wears sneakers to work, the other can invariably found sitting right on his chair in his office, optionally wearing no shoes at all.

--
Hans-Bernhard Broeker (broeker@physik.rwth-aachen.de)
Even if all the snow were burnt, ashes would remain.
Reply to
Hans-Bernhard Broeker
Loading thread data ...

and

You are completely correct - ftp login names and passwords are sent as clear text (which is not a problem for most local networks, or if the ftp access is used over the VPNs that the system will also support).

I was thinking more in terms of controlling access to files, limiting the size of uploaded files, and so on, which have always been issues with ftp servers. Whether or not clear-text passwords are a problem depends on the use and the level of security required - after all, the huge majority of websites with password logins use http, and the names and passwords are send as clear text. They are therefore vulnerable to packet-sniffing attacks, which are possible but very difficult unless you have direct local access (like being able to plug a laptop with ethereal into the network), in which case you probably have far more security problems...

Reply to
David Brown

ElectronDepot website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.