Re: Suggestions to secure FTP and trusted network

[Saqib Ali <docbook.xml () gmail com>]

> From your description the design looks secure. But the devil is
usually in details :) What kind of FTP server are you using?

I have implemented a somewhat similar mechanism, but used WebDAV over
SSL instead of FTP. I am not sure if you are encrypting the FTP
traffic or not.

If you HAVE to use FTP, try using mod_ftp for Apache by covalent, it
will be lot more secure since it can tunnel traffic through SSL.
http://www.covalent.net/resource/documentation/ers/2.2.0/HTML/ProductGuide/ftpmodule.html



> With the very brief scenario above, I would like comments on vulnerabilities and how well the service network with 
> dual nics protects me. Tks!
--
Saqib Ali, CISSP
http://www.xml-dev.com/blog/
"I fear, if I rebel against my Lord, the retribution of an Awful Day
(The Day of Resurrection)" Al-Quran 6:15

---------------------------------------------------------------------------
EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE
The Norwich University program offers unparalleled Infosec management
education and the case study affords you unmatched consulting experience.
Tailor your education to your own professional goals with degree
customizations including Emergency Management, Business Continuity Planning,
Computer Emergency Response Teams, and Digital Investigations.

http://www.msia.norwich.edu/secfocus
----------------------------------------------------------------------------