[D-community-offtopic] Filezilla a security risk
Shane Johnson
sdj at rasmussenequipment.com
Thu Jun 28 15:35:10 UTC 2012
On Thu, Jun 28, 2012 at 9:13 AM, francis picabia <fpicabia at gmail.com> wrote:
> On Thu, Jun 28, 2012 at 5:37 AM, Andrei POPESCU
> <andreimpopescu at gmail.com> wrote:
>> On Mi, 27 iun 12, 20:58:39, francis picabia wrote:
>>>
>>> We have to do what ever possible to reduce the size of the target to
>>> the hacker. In this case we advise users to uninstall Filezilla
>>> and use something else. Not all Windows users of FTP tools are IT savvy.
>>> They need warnings and guidance frequently. I passed this on so
>>> others can reduce their threat potential.
>>
>> You are missing the point :)
>>
>> In a situation where the doors (here Windows :p) are left wide open,
>> instead of closing and securing them you are trying to hide the
>> valuables under the carpet.
>>
>> Even if you put them in a safe (encrypt with some master password) the
>> villains have it easy to walk into the house and install spy cameras
>> everywhere so they can peak at your combination or simply just steal the
>> entire safe and brute-force it later.
>
> For you, there is special advice. Never communicate with your Windows users.
> It can't possibly impact Linux.
>
>
> --
> To UNSUBSCRIBE, email to debian-user-REQUEST at lists.debian.org
> with a subject of "unsubscribe". Trouble? Contact listmaster at lists.debian.org
> Archive: http://lists.debian.org/CA+AKB6GsMJPxKYsCOFK7pn3C7ogPYRpyyBRykwPsNQLyGDdaug@mail.gmail.com
>
Please remember that FTP by nature is insecure. All it would take is
for someone to packet sniff the connection and they would have the
user name and password to the account as they are transmitted in plain
text.
--
Shane D. Johnson
IT Administrator
Rasmussen Equipment
More information about the D-community-offtopic
mailing list