OT: solutions for FTP proxy?
Tony van Lingen
tony.vanlingen at epa.qld.gov.au
Thu Jan 18 17:55:49 CST 2007
Thanks for the links.. care to reveal how you did your quick search?
Evidently I did not use the right keywords :-\
The man-in-the-middle attack argument can also be raised IMHO for HTTP
proxying, but that seems to be quite de rigeur... The point is best
illustrated by the fact that many businesses happily install web-nanny
(="legitimate "spy-) software on the proxy box to see what their
employees are surfing to and, possibly, log it for further action. That
aside, sftp/scp is also our preferred way of doing things. However some
of our users still need to ftp data from external sources that run a
straight FTP server, hence the requirement to ftp out of the network.
The networking dept is not keen to open up ftp (and NAT) for every
conceivable machine inside our network, so we still need some sort of
proxy for that.
Mark Watts wrote:
> You're not the only one to still be using the FWTK ftp-proxy.
> The main problem is, ISTR, that proxying ftp like this is actually performing
> a "main-in-the-middle" attack in a controlled way, so no-one likes to do it
> anymore; hence the lack of software to do it.
> The "modern" alternative is to use sftp over SSH, but that doesn't allow
> anonymous uploads very easily.
> Having said that, a quick search brings up this article from 2002 with an ftp
> link that still works...
> Linux-PowerEdge mailing list
> Linux-PowerEdge at dell.com
> Please read the FAQ at http://lists.us.dell.com/faq
WARNING: This e-mail (including any attachments) has originated from a Queensland Government department and may contain information that is confidential, private, or covered by legal professional privilege, and may be protected by copyright.
You may use this e-mail only if you are the person(s) it was intended to be sent to and if you use it in an authorised way. No one is allowed to use, review, alter, transmit, disclose, distribute, print or copy this e-mail without appropriate authority. If you have received this e-mail in error, please inform the sender immediately by phone or e-mail and delete this e-mail, including any copies, from your computer system network and destroy any hardcopies.
Unless otherwise stated, this e-mail represents the views of the sender and not the views of the Environmental Protection Agency.
Although this e-mail has been checked for the presence of computer viruses, the Environmental Protection Agency provides no warranty that all viruses have been detected and cleaned. Any use of this e-mail could harm your computer system. It is your responsibility to ensure that this e-mail does not contain and is not affected by computer viruses, defects or interference by third parties or replication problems (including incompatibility with your computer system).
E-mails sent to and from the Environmental Protection Agency will be electronically stored, managed and may be audited, in accordance with the law and Queensland Government Information Standards (IS31, IS38, IS40, IS41 and IS42) to the extent they are consistent with the law.
More information about the Linux-PowerEdge