Security Basics mailing list archives
Re: Suggestions to secure FTP and trusted network
From: Saqib Ali <docbook.xml () gmail com>
Date: Tue, 3 Jan 2006 11:50:18 -0800
From your description the design looks secure. But the devil is
usually in details :) What kind of FTP server are you using? I have implemented a somewhat similar mechanism, but used WebDAV over SSL instead of FTP. I am not sure if you are encrypting the FTP traffic or not. If you HAVE to use FTP, try using mod_ftp for Apache by covalent, it will be lot more secure since it can tunnel traffic through SSL. http://www.covalent.net/resource/documentation/ers/2.2.0/HTML/ProductGuide/ftpmodule.html
With the very brief scenario above, I would like comments on vulnerabilities and how well the service network with dual nics protects me. Tks!
-- Saqib Ali, CISSP http://www.xml-dev.com/blog/ "I fear, if I rebel against my Lord, the retribution of an Awful Day (The Day of Resurrection)" Al-Quran 6:15 --------------------------------------------------------------------------- EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE The Norwich University program offers unparalleled Infosec management education and the case study affords you unmatched consulting experience. Tailor your education to your own professional goals with degree customizations including Emergency Management, Business Continuity Planning, Computer Emergency Response Teams, and Digital Investigations. http://www.msia.norwich.edu/secfocus ----------------------------------------------------------------------------
Current thread:
- Suggestions to secure FTP and trusted network mail2day (Jan 03)
- Re: Suggestions to secure FTP and trusted network Saqib Ali (Jan 04)