RE: Securely connecting to FTP

[Benjamin Betsalel <betsalel509 () live com>]

> Along with the username any file transfers can be captured. Is your LAN
> really at risk of someone installing a device to capture traffic or does
> someone have suffciant knowledge to do it software wise? I am assuming
> as it is ISP webspace that this is a home environment.


Correct, home environment. I strongly doubt anyone would be capturing the traffic on my LAN.


> Between your home and ISP I wouldn't say there is a risk, but then again
> I have no idea what the situation is. The fact that in most places there
> are very stiff penalties for doing this and the knowledge required would
> deter most people. Is the traffic you are uploading to ISP webspace
> really that important that someone would do this?


No it isn't. Except that it has to use the credentials used for everything with the ISP (Same account, AFAIK I can't 
set them differently).
So maybe it's paranoid but it would be annoying if someone sniffed my creds when I Was unsecurely connecting to the FTP 
to upload files to the website, but then could use those to log on to my ISP toolbox, webmail, etc.


> > 2) is it that smaller ISPs just don't provide this type of functionality, and you won't be able to encrypt while 
> > using FTP?
> > -
> > that is, is a secure ftp connection a bit of a premium that you pay
> > more for or need to look more specifically into other companies offering
> > "secure ftp services.", or should there be no reason why one ISP would
> > not be able to offer this service.
>
> I would say that it is common, and the reasoning behind it I outline in
> the first part of this. A much larger amount I would say use FTPS (FTP
> over SSL), so make sure that you give that a go. Also, if they have a
> web based control panel it could have a web based file manager of some
> sort (it should be over SSL).


No web based file manager available, but i'll try FTPS and previous suggestions from Matthew. Thank you.



                                          

------------------------------------------------------------------------
Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL certificate.  We look at how SSL works, how 
it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, 
install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are 
highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates.

http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1
------------------------------------------------------------------------