On Fri, Jan 05, 2001 at 10:27:59AM -0500, Andrew Brown wrote:
1) many versions of FTP make you system vulnerable to root cracks.
...which are problems that need to be fixed. if you know of any...
It's more of an ongoing travesty with wu-ftpd and almost as bad with proftpd, and the script kiddies routinely have the exploits for weeks or months before the general population knows about them.
2) There is NO way to run FTP in a SSH tunnel because it uses dynamic port assignments.
well...that's not entirely true. you can tunnel the command channel, just not the data channel.
Well, if you use passive mode, you can tunnel the data channel as well. The question is why you would want to do this instead of just using rsync or scp.
3) FTP logins are plain-text.
sure, which is why you tunnel them via ssh, or use ipsec. actually...if you use ipsec, you can get the data protected as well.
For sharing files, with anonymous users, HTTP is much better (see: http://files.dnso.net)
for sharing files with anonymous users, i'll always be using anonftp.
Good luck with that. --Adam -- Adam McKenna <adam-sig@flounder.net> | "No matter how much it changes, http://flounder.net/publickey.html | technology's just a bunch of wires GPG: 17A4 11F7 5E7E C2E7 08AA | connected to a bunch of other wires." 38B0 05D0 8BF7 2C6D 110A | Joe Rogan, _NewsRadio_ 11:45am up 209 days, 10:03, 9 users, load average: 0.13, 0.08, 0.02