Security Basics mailing list archives

securing communication channel (FTP) - Need Suggestions

From: Vicky Rode <aptgetd () gmail com>
Date: Mon, 27 Jun 2005 13:18:15 -0700

Hi,

I'm looking at ways trying to secure communication channel (file
transfer to be specific) which occurs between my master (ftp
downloads)/slave (remote clients) FTP servers. Since this communication
channel is in the clear which means anyone listening can acquire the
login credentials. Not to mention man-in-the middle attack.

I'm currently pondering using one of the following options and was
wondering if anyone could provide their thoughts and feedback (pros/cons):


(1) Secure FTP (SSL:FTPS)

- Any pitfalls I need to be aware of from a setup/implementation standpoint?
- How would the authentication to MySQL user database work?

(2) Secure HTTP (https)

- Any pitfalls I need to be aware of from a setup/implementation standpoint?
- How would the authentication to MySQL user database work?

(3) a. Scp:
      b. Sftp: Is it an interactive program? Does it provide
non-interactive authentication?


Any pointers will be greatly appreciated.



regards,
/vicky

Current thread:

securing communication channel (FTP) - Need Suggestions Vicky Rode (Jun 27)
- Re: securing communication channel (FTP) - Need Suggestions Gustavo Paredes (Jun 28)
- Re: securing communication channel (FTP) - Need Suggestions Joel Merrick (Jun 28)
- Re: securing communication channel (FTP) - Need Suggestions Ansgar -59cobalt- Wiechers (Jun 28)
- Re: securing communication channel (FTP) - Need Suggestions Staff Netelion (Jun 28)
- <Possible follow-ups>
- Re: securing communication channel (FTP) - Need Suggestions kurt (Jun 28)