From owner-freebsd-security Tue Jun 12 13:52:30 2001 Delivered-To: freebsd-security@freebsd.org Received: from imr2.ericy.com (imr2.ericy.com [12.34.240.68]) by hub.freebsd.org (Postfix) with ESMTP id 79EB637B405 for ; Tue, 12 Jun 2001 13:52:12 -0700 (PDT) (envelope-from Antoine.Beaupre@ericsson.ca) Received: from mr7.exu.ericsson.se (mr7att.ericy.com [138.85.92.15]) by imr2.ericy.com (8.11.3/8.11.3) with ESMTP id f5CKq8805404; Tue, 12 Jun 2001 15:52:08 -0500 (CDT) Received: from noah.lmc.ericsson.se (noah.lmc.ericsson.se [142.133.1.1]) by mr7.exu.ericsson.se (8.11.3/8.11.3) with ESMTP id f5CKq7U02400; Tue, 12 Jun 2001 15:52:07 -0500 (CDT) Received: from lmc35.lmc.ericsson.se (lmc35.lmc.ericsson.se [142.133.16.175]) by noah.lmc.ericsson.se (8.11.2/8.9.2) with ESMTP id f5CKq6G02545; Tue, 12 Jun 2001 16:52:06 -0400 (EDT) Received: by lmc35.lmc.ericsson.se with Internet Mail Service (5.5.2653.19) id ; Tue, 12 Jun 2001 16:52:05 -0400 Received: from lmc.ericsson.se (lmcpc100455.pc.lmc.ericsson.se [142.133.23.150]) by LMC37.lmc.ericsson.se with SMTP (Microsoft Exchange Internet Mail Service Version 5.5.2653.13) id MY4P5SX9; Tue, 12 Jun 2001 16:52:00 -0400 From: "Antoine Beaupre (LMC)" To: Jamie Norwood Cc: freebsd-security@FreeBSD.ORG Message-ID: <3B2680EB.9040007@lmc.ericsson.se> Date: Tue, 12 Jun 2001 16:51:55 -0400 Organization: LMC, Ericsson Research Canada User-Agent: Mozilla/5.0 (Windows; U; WinNT4.0; en-US; rv:0.9.1) Gecko/20010607 X-Accept-Language: en,fr-CA,fr MIME-Version: 1.0 Subject: OT: yet another discussion FTP vs HTTP (was: IPFW almost works now.) References: <657B20E93E93D4118F9700D0B73CE3EA0166D97D@goofy.epylon.lan> <20010612152856.A72299@mushhaven.net> <3B267827.5090002@lmc.ericsson.se> <20010612162749.A73655@mushhaven.net> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 8bit Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Jamie Norwood wrote: > On Tue, Jun 12, 2001 at 04:14:31PM -0400, Antoine Beaupre (LMC) wrote: > >>Jamie Norwood wrote: >> >> >>>On Tue, Jun 12, 2001 at 12:25:33PM -0700, Jason DiCioccio wrote: >>> >>> >>>>Welcome to the shitty protocol that is: FTP. To use active ftp, you >>>>need to allow connections to all inbound ports above 1024. To allow >>>>passive FTP, you need to allow outbound connections to all ports >>>>above 1024. FTP is obsolete, too bad everyone still uses it though. >>>> >>>What do you recommend? SFTP? >> >>IIRC, there's a nice protocol called HTTP that does not have ftp's limitations. ;) > > No, it has a host of limitations all it's own, not the least of which is > that is is actually less efficient at transfering files, I heard a few things regarding that, all contradictory. :) Could you give me a few examples/explanations/references as to why it is less efficient? I'd be curious. > and that it has limited CLI tools. I think that would be the biggest limitation. HTTP could technically override FTP's functionalities using the PUT and DELETE actions, but the only clients actually implementing this functionality are either dead (netscape 3) or forgotten (amaya). :) > Remember, not every computer has a monitor, mouse, and > web browser! Yeah... but every computer should at least have something like lynx/links/w3m/wget/fetch/whatever... You don't need a fully featured web browser to download/upload files to a webserver. Only to display them. Same for ftp. > I would love to see something quality replace FTP. Maybe SFTP will, but it > is still young, and if SSH is any indication, the onlt commercial support > for it will be very expensive (IE, SecureCRT/SecureFX at about $100 each). SFTP is not really an alternative. From what I understand, it is only built over ssh and therefore needs a corresponding shell account (if you exclude the RSA auth). It is surprising we (the internet community) haven't come up with a viable replacement. > Yeah, I know about PuTTY,but I don't like it. :) Well, it's better than almost anything else on windoze. ;) A. -- La sémantique est la gravité de l'abstraction. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message