Thread: Firewall changes FTP filename?
View Single Post
  #12 (permalink)  
Old 2008-01-21
rokudan rokudan is offline
Member
  
Join Date: 2008-01-10
Location: Orlando, FL
Posts: 75
Rep Power: 1
rokudan has an average reputation (10+)
Send a message via AIM to rokudan
Default Re: Firewall changes FTP filename?
Quote:
Originally Posted by cciesec2006 View Post
I am in the information security business and I work for a financial service
company.
Me too my friend!

Quote:
Originally Posted by cciesec2006 View Post
Prior to me joining the company, people were using ftp for transferring
data across the network. What the hell were they thinking?

I started enforcing the company security policy, i.e. no more ftp or telnet
over the network, even internally. Everything has to be ssh version 2
with AES256-cbc/sha-1. Instead of using FTP, I force everyone to
use SecurerFTP. If SSH is available, then SFTP is also available because
SFTP is a sub-system.

This is 2008, not 1998. FTP should not be used anywhere.

my 2c
We have actually put in place several methods for data transfer, since we are actually a datacenter that hosts over 130 different clietns, we had to come up with ways to accomodate them all..

Secure FTP, SSH as well... However we customized an open source app that works through an https interface. We have found that most of our clients prefer that because, well.... They are not so computer inclined and a web browser makes things easy for them.

But I agree... Out with FTP for anything you want to keep secure.
Reply With Quote