Starting with gnupg
faramir.cl at gmail.com
Mon Aug 4 09:25:34 CEST 2008
-----BEGIN PGP SIGNED MESSAGE-----
Robert J. Hansen escribió:
> Faramir wrote:
>> If he is using ftp to upload the files... standard ftp sends username
>> and password unencrypted... so it could be sniffed...
> telnet and ftp are antique protocols that have much better replacements
> available to them. ssh, scp and sftp are all in common usage nowadays.
> Anyone who uses telnet or ftp for any kind of sensitive information is
> living dangerously by deliberate choice.
Some servers are hard to configure to use sftp (if possible at all)...
as an example, a friend of me asked me to enable SSL in his server (I am
not sure if it is a virtual server or just a virtualhost, but I am sure
it has shared IP). When I tried to install the certificate... I realized
it couldn't be done without having to pay an extra monthly fee to get
our own IP. Without it, we are stuck to the "common" certificate
extended to all the hosts in that IP, and I am not sure if it is
trustworth at all... so sometimes, it's not by choice... or because they
don't know how to configure these services. About what is "sensitive
information", some people have fun by stealing somebody's email and
closing it... but of course if we talk about a file containing the
credit card number of your customers, then that is info is worth hiring
somebody to set up security before something bad happens...
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
-----END PGP SIGNATURE-----
More information about the Gnupg-users