On Tue, Dec 30, 2014 at 10:30:59AM -0600, Kevin Kinsey wrote: > Having FTP/TCP:21 open to the WWW is the equivalent of (and forgive me, but...) > removing your pants, handcuffing your wrists to your ankles, standing on the street > in a large city and painting "rape me" on your bum. It's the 21st century, for crying > out loud; there are many more secure mechanisms. If anyone is reading this and has > FTPD open to any and all comers on the WWW, please consider this an earnest plea to > find someone who understands security and hire them right away. Not entirely true. If it is an authenticated login (username/password) yes, but anonymous FTP is quite OK for serving files that you are content for anyone to read. There are levels of security needed: HTTP authentication is not very secure if not done over HTTPS, but for some it is sufficient. -- Alain Williams Linux/GNU Consultant - Mail systems, Web sites, Networking, Programmer, IT Lecturer. +44 (0) 787 668 0256 http://www.phcomp.co.uk/ Parliament Hill Computers Ltd. Registration Information: http://www.phcomp.co.uk/contact.php #include <std_disclaimer.h> -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
