From owner-freebsd-security  Wed Jun 13  8:24:29 2001
Delivered-To: freebsd-security@freebsd.org
Received: from diarmadhi.mushhaven.net (diarmadhi.mushhaven.net [209.16.107.11])
	by hub.freebsd.org (Postfix) with ESMTP id 989BC37B403
	for <freebsd-security@freebsd.org>; Wed, 13 Jun 2001 08:24:24 -0700 (PDT)
	(envelope-from mistwolf@diarmadhi.mushhaven.net)
Received: (from mistwolf@localhost)
	by diarmadhi.mushhaven.net (8.11.4/8.11.4) id f5DFOlg01098
	for freebsd-security@freebsd.org; Wed, 13 Jun 2001 11:24:47 -0400 (EDT)
	(envelope-from mistwolf)
Date: Wed, 13 Jun 2001 11:24:47 -0400
From: Jamie Norwood <mistwolf@mushhaven.net>
To: freebsd-security@freebsd.org
Subject: Re: OT: FTP almost gone now? (was: Re: IPFW almost works now.)
Message-ID: <20010613112447.B1043@mushhaven.net>
References: <20010613111421.A777@mushhaven.net> <72097.992445650@axl.seasidesoftware.co.za>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
User-Agent: Mutt/1.2.5i
In-Reply-To: <72097.992445650@axl.seasidesoftware.co.za>; from sheldonh@starjuice.net on Wed, Jun 13, 2001 at 05:20:50PM +0200
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-security.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo?subject=subscribe%20freebsd-security>
List-Unsubscribe: <mailto:majordomo?subject=unsubscribe%20freebsd-security>
X-Loop: FreeBSD.org

On Wed, Jun 13, 2001 at 05:20:50PM +0200, Sheldon Hearn wrote:
> 
> 
> On Wed, 13 Jun 2001 11:14:21 -0400, Jamie Norwood wrote:
> 
> > My main issue is that noone has yet given me a good reason WHY FTP should
> > be depreciated.
> 
> Because it uses out-of-band socket connections for the actual transfer,
> while HTTP transactions occur through a single socket connection.  This
> makes HTTP much easier to support from a firewalling perspective.

Which is all well and good, but doesn't say why FTP should be replaced.
There are far more people using FTP from outside firwewalls than inside.
And a properly configured firewall should not have much problem. I have
been behind plenty of firewalls and been perfectly able to FTP. And
they were no more insecure than one that allows in/out http traffic.

Jamie

> as simple as HTTP from a firewall admin's perspective.
> 
> Ciao,
> Sheldon.

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message