RE: Using FTP for File Transfer to the outside world
- From: "Quillman Shawn (RBNA/CSA1) *" <Shawn.Quillman@xxxxxxxxxxxx>
- To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
- Date: Mon, 31 Jan 2005 12:23:50 -0500
The underlying issue being anyone other than the admin being able to
change anything whatsoever on the filesystem on the firewall. It's for
sure not a best practice for end users to save files on the firewall and
should be avoided whenever possible.
-Shawn
-----
Robert Bosch Corporation
Technical Systems Analyst (RBNA/CSA1)
Corporate Sales Reporting Systems
38000 Hills Tech Drive - Farmington Hills, MI 48331 - USA
phone: 1 (248) 553-1164 fax: 1 (248) 848-6969
shawn.quillman@xxxxxxxxxxxx
http://www.bosch.us
-----Original Message-----
From: Andrew English [mailto:andrew@xxxxxxxxxxxxxxxxxxxxxx]
Sent: Monday, January 31, 2005 9:29 AM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: Using FTP for File Transfer to the outside world
http://www.ISAserver.org
Tom,
What about FTP servers that use SSL? Ie. G6 FTP Server 3.x allows the
admin to setup a SSL Cert.
http://www.gene6.com/
Regards,
Andrew
-----Original Message-----
From: Thomas W Shinder [mailto:tshinder@xxxxxxxxxxx]
Sent: Monday, January 31, 2005 3:02 AM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: Using FTP for File Transfer to the outside world
http://www.ISAserver.org
Hi Kevin,
NO. FTP sites do NOT belong on a firewall. It is as unsecure as allowing
a firewall to use TFTP to obtain/backup configuration information.
HTH,
Tom
-----Original Message-----
From: KEVIN LOVEGROVE [mailto:kevin_lovegrove@xxxxxxxxx]
Sent: Monday, January 31, 2005 1:04 AM
To: [ISAserver.org Discussion List]
Subject: [isalist] Using FTP for File Transfer to the outside world
http://www.ISAserver.org
I get a fair amount of requests from users to send/receive 100mb+ files
across the net, and obviously want to avoid having them go through
Exchange. I would like to set up an FTP site and make this accessible
internally and externally.
I know I can use FTP User Isolation on my internal W2K3 network, but
what I'd like to know is that can I safely publish an FTP site through
ISA if it's actually on the ISA Server itself?
ISA isn't our frontline perimeter and it has loads of disk space and
plenty of processor and i/o capacity to handle the load. But doesn't
this create a significant security risk?
I'm not too worried about internal users. External users will be vetted
through Checkpoint anyway, but I'm just wondering if anyone has any
other opinions to offer?
Cheers,
Kevin
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
World of Windows Networking: http://www.windowsnetworking.com Leading
Network Software Directory: http://www.serverfiles.com
No.1 Exchange Server Resource Site: http://www.msexchange.org Windows
Security Resource Site: http://www.windowsecurity.com/ Network Security
Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions:
http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
tshinder@xxxxxxxxxxxxxxxxxx To unsubscribe visit
http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
World of Windows Networking: http://www.windowsnetworking.com
Leading Network Software Directory: http://www.serverfiles.com
No.1 Exchange Server Resource Site: http://www.msexchange.org
Windows Security Resource Site: http://www.windowsecurity.com/
Network Security Library: http://www.secinf.net/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
andrew@xxxxxxxxxxxxxxxxxxxxxx
To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
World of Windows Networking: http://www.windowsnetworking.com
Leading Network Software Directory: http://www.serverfiles.com
No.1 Exchange Server Resource Site: http://www.msexchange.org
Windows Security Resource Site: http://www.windowsecurity.com/
Network Security Library: http://www.secinf.net/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
shawn.quillman@xxxxxxxxxxxx
To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx
Other related posts:
