Security Basics mailing list archives
Re: Secure FTP server for Windows
From: "Mike Sweeney" <mikesweeney () packetattack com>
Date: Tue, 7 Dec 2004 16:36:49 -0800
Clap..clap..clap..

Windows 2000 has been certified by the Common Criteria Certification (E4) which is a provable and repeatable worldwide test of security. 2003 is not yet (??) certified. These things change all the time so do a google (is google a verb?) to get current information.

As Smoky Yunick once commented, "The engine doesn't know what brand it is" (he won with a variety of brands). As long as you stick with proven principles, they all work well.

Mike Sweeney
___________________________________________________________________________
Packetattack.com
Network Design and Security
www.packetattack.com
Office (714).637.4235
"QUIS CUSTODIET IPSOS CUSTODES"
WHO SHALL GUARD THE GUARDS

------------Original Message------------
From: "Dana Epp" <dana () vulscan com>
To: "Volker Kindermann" <ml () ps102 de>, security-basics () lists securityfocus com
Date: Tue, Dec-7-2004 4:11 PM
Subject: Re: Secure FTP server for Windows

Oh come on now. Comments like this are so unproductive to the conversation. Any operating system, including Windows, can be made secure. WHAT level of security is dependent on the risks you are trying to mitigate.

You CAN make Windows secure, just as easily as how you can easily make Unix INSECURE. It's all in how you approach it. It comes down that you need to quit thinking of the technical safeguards as THE solution and instead apply real world infosec policies to reduce the risks and protect the assets you need to by applying the safeguards as part of a bigger process. I blogged about this a year ago when I talked about the "8 rules of Information Security" (http://silverstr.ufies.org/blog/archives/000468.html)

In this case, you can definitely set up a secure SSH server on Windows, jail the environment and tighten the file ACLs to allow for SCP access for files you wish to exchange. This would be NO different than applying the same thing on a Unix environment.

So instead of slagging the operating system think about what assets need to be protected, and what infosec policies need to be applied to effectively give access to those who need access to the asset. Then apply the technical safeguards in the OS as required.

I mean no disrespect Volker, but this kind of position doesn't help the situation. It only hinders any progress we can make by applying a higher level of thinking through sound infosec policies. And that's platform neutral.

----- Original Message -----
From: "Volker Kindermann" <ml () ps102 de>
To: <security-basics () lists securityfocus com>
Sent: Sunday, December 05, 2004 7:55 AM
Subject: Re: Secure FTP server for Windows

Hi Derek,

> Can anyone recommend an FTP server for Windows which has been written
> with security in mind? I only really know such things about Linux (where
> vsftpd is the obvious choice) but I've been asked to recommend a Windows
> 2000 or Windows XP product.

please consider that you can't operate a secure ftp server on top of an insecure operating system. With this in mind there is no secure ftp server for windows.

-volker