Full Disclosure: Re: Security issue in Filezilla 3.0.9.2:passwords are stored in plain text (sitemanager.xml)

["Joey Mengele" <joey.mengele () hushmail com>]

Valids,

On Fri, 18 Apr 2008 16:10:41 -0400 Valdis.Kletnieks () vt edu wrote:
> On Fri, 18 Apr 2008 15:42:44 EDT, Joey Mengele said:
> > I disagree, read the RFC. There are plenty of more secure FTP 
> > clients such as the OpenSSH.com groups proactive secure Secure 
> FTP 
> > (sftp) implementation of FTP.
> Right, except that SFTP isn't the RFC959 protocol that lives on 
> ports 20/21,
> it's an entirely different protocol layered on top of the OpenSSH 
> on port 22.
>
> If you actually *do* "read the RFC", RFC959, section 4.1.1 says:
Then how do you explain the security offered by section 3.4.3 of 
RFC959? Or did you just skip over that...

J

--
Own your own business.  Click here to start making money owning your own franchise.
http://tagline.hushmail.com/fc/Ioyw6h4fPmWsA2fzSQ6klsvwitr5lyEN7uWRbhg5RUfeRgV7wM17Gg/

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/