Date: Tue, 12 Jun 2001 16:51:55 -0400 From: "Antoine Beaupre (LMC)" <Antoine.Beaupre@ericsson.ca> To: Jamie Norwood <mistwolf@mushhaven.net> Cc: freebsd-security@FreeBSD.ORG Subject: OT: yet another discussion FTP vs HTTP (was: IPFW almost works now.) Message-ID: <3B2680EB.9040007@lmc.ericsson.se> References: <657B20E93E93D4118F9700D0B73CE3EA0166D97D@goofy.epylon.lan> <20010612152856.A72299@mushhaven.net> <3B267827.5090002@lmc.ericsson.se> <20010612162749.A73655@mushhaven.net>
next in thread | previous in thread | raw e-mail | index | archive | help
Jamie Norwood wrote: > On Tue, Jun 12, 2001 at 04:14:31PM -0400, Antoine Beaupre (LMC) wrote: > >>Jamie Norwood wrote: >> >> >>>On Tue, Jun 12, 2001 at 12:25:33PM -0700, Jason DiCioccio wrote: >>> >>> >>>>Welcome to the shitty protocol that is: FTP. To use active ftp, you >>>>need to allow connections to all inbound ports above 1024. To allow >>>>passive FTP, you need to allow outbound connections to all ports >>>>above 1024. FTP is obsolete, too bad everyone still uses it though. >>>> >>>What do you recommend? SFTP? >> >>IIRC, there's a nice protocol called HTTP that does not have ftp's limitations. ;) > > No, it has a host of limitations all it's own, not the least of which is > that is is actually less efficient at transfering files, I heard a few things regarding that, all contradictory. :) Could you give me a few examples/explanations/references as to why it is less efficient? I'd be curious. > and that it has limited CLI tools. I think that would be the biggest limitation. HTTP could technically override FTP's functionalities using the PUT and DELETE actions, but the only clients actually implementing this functionality are either dead (netscape 3) or forgotten (amaya). :) > Remember, not every computer has a monitor, mouse, and > web browser! Yeah... but every computer should at least have something like lynx/links/w3m/wget/fetch/whatever... You don't need a fully featured web browser to download/upload files to a webserver. Only to display them. Same for ftp. > I would love to see something quality replace FTP. Maybe SFTP will, but it > is still young, and if SSH is any indication, the onlt commercial support > for it will be very expensive (IE, SecureCRT/SecureFX at about $100 each). SFTP is not really an alternative. From what I understand, it is only built over ssh and therefore needs a corresponding shell account (if you exclude the RSA auth). It is surprising we (the internet community) haven't come up with a viable replacement. > Yeah, I know about PuTTY,but I don't like it. :) Well, it's better than almost anything else on windoze. ;) A. -- La sémantique est la gravité de l'abstraction. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3B2680EB.9040007>