Security Basics mailing list archives
Re: securing communication channel (FTP) - Need Suggestions
From: "Staff Netelion" <security () netelion com>
Date: Tue, 28 Jun 2005 12:54:24 -0500
Hi: You would take a look over scp. It can be used in interactive/non-interactive mode to securely transfer files between hosts. You will only need ssh. scp sintax: scp source destination Suppose you need to copy foo.txt from server "cancun" to server "acapulco" using "jsmith" user credentials (note about user credentials: if not specified, current user credentials are used) cancun$ scp foo.txt jsmith@acapulco: sftp resembles closely ftp, so it works as its insecure counterpart, you will ned ssh 2.0 at least. if you are copying heavily ammounts of data between servers/hosts, maybe you could try rsync, (warning: rsync is not secure by itself but can be easily "tunneled" using ssh or stunnel). Mysql: I have sucessfully "secured" mysql connections between two remote servers by using stunnel, take a look at http://www.stunnel.org/examples/mysql.html Regards Javier ----- Original Message ----- From: "Vicky Rode" <aptgetd () gmail com> To: <security-basics () securityfocus com> Sent: Monday, June 27, 2005 3:18 PM Subject: securing communication channel (FTP) - Need Suggestions
Hi, I'm looking at ways trying to secure communication channel (file transfer to be specific) which occurs between my master (ftp downloads)/slave (remote clients) FTP servers. Since this communication channel is in the clear which means anyone listening can acquire the login credentials. Not to mention man-in-the middle attack. I'm currently pondering using one of the following options and was wondering if anyone could provide their thoughts and feedback (pros/cons): (1) Secure FTP (SSL:FTPS) - Any pitfalls I need to be aware of from a setup/implementation
standpoint?
- How would the authentication to MySQL user database work? (2) Secure HTTP (https) - Any pitfalls I need to be aware of from a setup/implementation
standpoint?
- How would the authentication to MySQL user database work?
(3) a. Scp:
b. Sftp: Is it an interactive program? Does it provide
non-interactive authentication?
Any pointers will be greatly appreciated.
regards,
/vicky
Current thread:
- securing communication channel (FTP) - Need Suggestions Vicky Rode (Jun 27)
- Re: securing communication channel (FTP) - Need Suggestions Gustavo Paredes (Jun 28)
- Re: securing communication channel (FTP) - Need Suggestions Joel Merrick (Jun 28)
- Re: securing communication channel (FTP) - Need Suggestions Ansgar -59cobalt- Wiechers (Jun 28)
- Re: securing communication channel (FTP) - Need Suggestions Staff Netelion (Jun 28)
- <Possible follow-ups>
- Re: securing communication channel (FTP) - Need Suggestions kurt (Jun 28)