|
[networknewsletters]
||
[Date Prev]
[10-2004 Date Index]
[Date Next]
||
[Thread Prev]
[10-2004 Thread Index]
[Thread Next]
When is secure FTP not secure? When it reaches your network
- From: Educational CyberPlayGround <admin@xxxxxxxxxxxxxxx>
- To: NetworkNewsletters@xxxxxxxxxxxxx
- Date: Tue, 12 Oct 2004 12:25:17 -0400
*************************************************************
Educational CyberPlayGround http://www.edu-cyberpg.com/
Network Newsletters Mailing List
**************************************************************
Network Newsletters Mailing List Service
<http://www.edu-cyberpg.com/Community/Subguidelines.html>
Subscribe | Unsubscribe | Change Email Preferences -
<http://www.edu-cyberpg.com/Community/K12Newsletters.html>
****************************************************************************************************************************************
ActiveServers, Inc ServerFarm, Co-Location, Point to Point Wireless,
Consulting, and Windows dotnet Servers. Premium Hosting Solutions
on multiple OC-48 redundant connections.
Visit http://activeservers.com
**************************************************************************
>http://www.computerworld.com/securitytopics/security/story/0,,96265,00.html
>
>Advice by James King
>ID Analytics Inc.
>OCTOBER 01, 2004
>COMPUTERWORLD
>
>It's widely accepted that file transfer protocol (FTP) is the simplest
>way for organizations to send data across the Internet. To enhance
>security, many companies now use sFTP or FTP/S, the "secure" forms of
>FTP, believing that data traveling across this protocol is safe.
>
>But is it?
>
>It's true that secure forms of FTP have additional encryption while
>commands and data are in transit across the Web. But it's commonly
>overlooked that while files are indeed secure during transit, they are
>nonetheless extremely vulnerable for the period of time they reside at
>the Internet-facing, final point of handoff at the edge of the
>receiving network. Due to limited Internet bandwidth and large file
>sizes, it will always take some amount of time for this final transfer
>because a software program or script at the receiving end must wait
>for the download to be complete before securing the entire file inside
>the interior firewall.
>
>Imagine a pipe carrying water to a bucket. Though the pipe holds the
>water securely, the bucket can't be secured until it's filled with the
>water it's waiting for. The larger the file, the longer the transfer
>takes. The longer the transfer takes, the greater the vulnerability.
>The exposure is due to new vulnerabilities discovered, seemingly
>daily, within operating systems. If a hacker can gain access to the
>operating system, any files on the computer's disk are available to
>him. If the files on the disk aren't encrypted, you have made the
>hacker's day.
<snip>
<>~~~~~<>~~~~~<>~~~~~<>~~~~~<>~~~~~<>~~~~~<>~~~~~<>~~~~~<>~~~~~<>
EDUCATIONAL CYBERPLAYGROUND
http://www.edu-cyberpg.com
Net Happenings, K12 Newsletters, Network Newsletters
http://www.edu-cyberpg.com/Community/index.html
FREE EDUCATION VENDOR DIRECTORY LISTING
http://www.edu-cyberpg.com/Directory/default.asp
HOT LIST OF SCHOOLS ONLINE
http://www.edu-cyberpg.com/Schools/default.asp
Educational CyberPlayGround Services
http://www.edu-cyberpg.com/PS/Home_Products.html
<>~~~~~<>~~~~~<>~~~~~<>~~~~~<>~~~~~<>~~~~~<>~~~~~<>~~~~~<>~~~~~<>
|
|
