said:
Hi,
>If the remote FTP server allows a UserID:Password login, then it won't
>make any difference if _you_ log in securely. Any hacker can simply log
>in using the UserID:Password interface, and change your web site.
This depends on the authentication method. FTP over SSH adds additional
layers of authentication that can prevent simple password attacks.
>Your best security is 1) use a "really good" password and 2) change the
>password often so if somebody finds one of your old log ins, the password
>won't be good any more.
This is good advice for any use of passwords. Also, while it can be
annoying, don't use the same password everywhere.
>The server only allows three failures, then it boots you off and
>you have to ftp to it again to keep trying. After an hour they gave up.
This is the kind of stuff that instrusion detection software can alert you
to.
Steven
--
----------------------------------------------------------------------
"Steven Levine" MR2/ICE 2.67 #10183 Warp/eCS/DIY/14.103a_W4
www.scoug.com irc.fyrelizard.com #scoug (Wed 7pm PST)
----------------------------------------------------------------------
=====================================================
To unsubscribe from this list, send an email message
to "steward@scoug.com". In the body of the message,
put the command "unsubscribe scoug-help".
For problems, contact the list owner at
"postmaster@scoug.com".
=====================================================
<< Previous Message <<
>> Next Message >>
Return to [ 19 |
January |
2007 ]
The Southern California OS/2 User Group
P.O. Box 26904
Santa Ana, CA 92799-6904, USA
Copyright 2001 the Southern California OS/2 User Group. ALL RIGHTS
RESERVED.
SCOUG, Warp Expo West, and Warpfest are trademarks of the Southern California OS/2 User Group.
OS/2, Workplace Shell, and IBM are registered trademarks of International
Business Machines Corporation.
All other trademarks remain the property of their respective owners.
