Security Basics mailing list archives
Re: Ftp Login
From: "KoRe MeLtDoWn" <koremeltdown () hotmail com>
Date: Sat, 02 Nov 2002 02:39:03 +0000
Hi Pablo,Yes the FTP login transaction process is untaken in plain text - this I think is stated in the RFC, but don't quote me on it. This does raise security problems say for instance when an attacker is sniffing a network it is possible to steal passwords etc. There are programs that support encryption, but this appears to be only during post logon actions. If there are any ftp servers & clients that have encryption ability during the logon procedure then I myself would be very hhappy to hear about them - perhaps someone could help me?
Hamish Stanaway -= KoRe WoRkS =- Internet Security Owner/Operator http://www.koreworks.com/ New Zealand Is your box REALLY secure? yes.
From: "Pablo Gietz" <pablo.gietz () nuevobersa com ar> To: <security-basics () securityfocus com> Subject: Ftp Login Date: Fri, 1 Nov 2002 15:51:36 -0300 MIME-Version: 1.0Received: from outgoing.securityfocus.com ([205.206.231.27]) by mc3-f10.law16.hotmail.com with Microsoft SMTPSVC(5.0.2195.5600); Fri, 1 Nov 2002 17:32:59 -0800 Received: from lists.securityfocus.com (lists.securityfocus.com [205.206.231.19])by outgoing.securityfocus.com (Postfix) with QMQPid A318CA30B4; Fri, 1 Nov 2002 17:05:17 -0700 (MST)Received: (qmail 7847 invoked from network); 1 Nov 2002 18:25:20 -0000 Mailing-List: contact security-basics-help () securityfocus com; run by ezmlm Precedence: bulk List-Id: <security-basics.list-id.securityfocus.com> List-Post: <mailto:security-basics () securityfocus com> List-Help: <mailto:security-basics-help () securityfocus com> List-Unsubscribe: <mailto:security-basics-unsubscribe () securityfocus com> List-Subscribe: <mailto:security-basics-subscribe () securityfocus com> Delivered-To: mailing list security-basics () securityfocus com Delivered-To: moderator for security-basics () securityfocus com Message-ID: <000901c281d7$b4b2e590$165c6481@SEG01> Organization: Nuevo Banco de Entre Ríos S.A. X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2720.3000 X-MIMEOLE: Produced By Microsoft MimeOLE V6.00.2600.0000 X-Return-Path: pablo.gietz () nuevobersa com ar X-MDaemon-Deliver-To: security-basics () securityfocus comReturn-Path: security-basics-return-15674-koremeltdown=hotmail.com () securityfocus com X-OriginalArrivalTime: 02 Nov 2002 01:32:59.0864 (UTC) FILETIME=[C73DED80:01C2820F]Hi list DO you know if FTP (standard) login process is maked in clear text? thanks Pablo A. C. Gietz Jefe de Seguridad Informática Nuevo Banco de Entre Ríos S.A. Te.: 0343 - 4201351 Pablo A. C. Gietz Jefe de Seguridad Informática Nuevo Banco de Entre Ríos S.A. Te.: 0343 - 4201351
_________________________________________________________________Surf the Web without missing calls! Get MSN Broadband. http://resourcecenter.msn.com/access/plans/freeactivation.asp
Current thread:
- Ftp Login Pablo Gietz (Nov 01)
- Re: Ftp Login Michael Lee (Nov 04)
- Re: Ftp Login Chris Field (Nov 04)
- Re: Ftp Login landgraf (Nov 04)
- Re: Ftp Login Devdas Bhagat (Nov 04)
- <Possible follow-ups>
- RE: Ftp Login Gene LeDuc (Nov 04)
- Re: Ftp Login KoRe MeLtDoWn (Nov 04)
- RE: Ftp Login Optrics Engineering - Shaun Sturby, MCSE (Nov 08)