Re: firewalls that can ssl ftp?

["R " <ramnas000 () hotmail com>]

http://www.eftp.org

Product Features
Secure Transfers
World standard and secure RSA encryption encodes the control channel, and 
Bruce Schneier's Blowfish encryption for data transfers.
Secure SSL based Web Administration Portal
For easy access to basic server administration tools, including 
stopping/starting the server, and current activity monitoring.

High Speed
Unlike other SSH tunneling FTP solutions, Blowfish encryption and decryption 
is much faster and less CPU intensive, so transfers speeds are blindingly 
fast, and can easily support most corporate internet links
Intruder Detection
Whilst you are providing a service, you will always get the odd person who 
will try to guess user authentication. Intruder Detection will automatically 
ban IP addresses from trying to authenticate after a number of unsuccessful 
attempts

Enforceable "Terms and Conditions"
You can optionally make users that connect agree to terms and conditions of 
use on the site. The user has to reply accordingly, or they will be denied 
access
Resume uploads & downloads
Not all network conditions are perfect. EFTP has the ability to resume 
downloads as well as uploads for interrupted transfers

Highly configurable client & server
Fine tune your program to your liking in almost every way imaginable. 
Include login messages, logout messages, speed restrictions and download 
limits.
Works with other FTP Clients/Servers
To achieve encryption, EFTP must be used at both client and server, however 
you can use both the Client and Server in non-encrypted mode with other 
popular Clients/Servers






> From: Lindner <lindner_marek () yahoo de>
> To: security-basics () securityfocus com
> Subject: Re: firewalls that can ssl ftp?
> Date: Tue, 03 Feb 2004 23:40:56 +0100
> MIME-Version: 1.0
> Received: from outgoing3.securityfocus.com ([205.206.231.27]) by 
> mc9-f34.hotmail.com with Microsoft SMTPSVC(5.0.2195.6824); Wed, 4 Feb 2004 
> 14:47:37 -0800
> Received: from lists.securityfocus.com (lists.securityfocus.com 
> [205.206.231.19])by outgoing3.securityfocus.com (Postfix) with QMQPid 
> 59272A316E; Wed,  4 Feb 2004 10:28:52 -0700 (MST)
> Received: (qmail 7059 invoked from network); 3 Feb 2004 16:21:41 -0000
> X-Message-Info: 6sSXyD95QpX471q6PV7tOcT6DzCzna8B
> Mailing-List: contact security-basics-help () securityfocus com; run by ezmlm
> Precedence: bulk
> List-Id: <security-basics.list-id.securityfocus.com>
> List-Post: <mailto:security-basics () securityfocus com>
> List-Help: <mailto:security-basics-help () securityfocus com>
> List-Unsubscribe: <mailto:security-basics-unsubscribe () securityfocus com>
> List-Subscribe: <mailto:security-basics-subscribe () securityfocus com>
> Delivered-To: mailing list security-basics () securityfocus com
> Delivered-To: moderator for security-basics () securityfocus com
> Message-ID: <40202378.1040700@voltaire.phidelu>
> User-Agent: Mozilla/5.0 (X11; U; Linux i686; de-AT; rv:1.5) Gecko/20031007
> X-Accept-Language: de-at, de, en-us, en
> References: <20040203002926.4328.qmail () www securityfocus com>
> In-Reply-To: <20040203002926.4328.qmail () www securityfocus com>
> X-Virus-Scanned: by AMaViS 0.3.12pre8
> X-Spam-Status: No, hits=-12.7 
> required=9.0tests=AWL,IN_REP_TO,MSG_ID_ADDED_BY_MTA_3,REFERENCES,      
> USER_AGENT_MOZILLA_UAautolearn=ham	version=2.50
> X-Spam-Level: X-Spam-Checker-Version: SpamAssassin 2.50 
> (1.173-2003-02-20-exp)
> Return-Path: 
> security-basics-return-26697-ramnas000=hotmail.com () securityfocus com
> X-OriginalArrivalTime: 04 Feb 2004 22:47:37.0397 (UTC) 
> FILETIME=[E3029E50:01C3EB70]
>
> Ken Dallarax schrieb:
>
> > Anyone have experience with good ways to do secure ftp (ftp over ssl) in 
> > an enterprise setting? We use ftp for partner apps and want to encrypt 
> > everything. Looked at secure ftp servers from Valicert, etc. but they seem 
> > like overkill. Does anyone know of a firewall that does ssl that can also 
> > encrypt ftp?
>
> AFAIK you can't use FTP over SSL.
> But you can use the SSH-FTP- Server/Client which is crypted by design.
>
> Cheers,
> Marek
>
>
>
>
> ---------------------------------------------------------------------------
> Ethical Hacking at InfoSec Institute. Mention this ad and get $720 off any 
> course! All of our class sizes are guaranteed to be 10 students or less. We 
> provide Ethical Hacking, Advanced Ethical Hacking, Intrusion Prevention, 
> and many other technical hands on courses. Visit us at 
> http://www.infosecinstitute.com/securityfocus to get $720 off any course!  
> ----------------------------------------------------------------------------

_________________________________________________________________
Let the new MSN Premium Internet Software make the most of your high-speed 
experience. http://join.msn.com/?pgmarket=en-us&page=byoa/prem&ST=1


---------------------------------------------------------------------------
Ethical Hacking at InfoSec Institute. Mention this ad and get $720 off any 
course! All of our class sizes are guaranteed to be 10 students or less. 
We provide Ethical Hacking, Advanced Ethical Hacking, Intrusion Prevention, 
and many other technical hands on courses. 
Visit us at http://www.infosecinstitute.com/securityfocus to get $720 off 
any course!  
----------------------------------------------------------------------------