[lug] Is anon ftp upload really bad?
John Hernandez
John.Hernandez at noaa.gov
Wed Apr 24 17:49:07 MDT 2002
Yes, "authenticated anonymous" is indeed an oxymoron, but I didn't say
or imply it.
The notion of a "secure system" is never really an absolute in any
practical environment. Security almost always involves layers of
defense, each of which may have some theoretical flaws, but would
successfully thwart the common attacker.
I'll be the first to admit that cleartext passwords can be compromised,
but the notion that cleartext passwords are worthless doesn't stand up in
my book. If I threw up a telnet server somewhere on the 'net and gave
you a valid UID, it would not be trivial for you to gain shell
access, even if I logged in remotely under that same UID routinely.
Well, maybe if you REALLY REALLY wanted to, but that's my point.
I've personally witnessed well-chosen reusable plaintext passwords used
across the Internet stand the test of time; I'm not THAT surprised.
Apparently nobody cares that much about that particular account to risk
getting caught sneaking a sniffer onto the wire along the path;
that's probably the case with 99% of the accounts in existence.
Sure, a steel door is better than a wooden door is better than no door,
but there's an appropriate door for every doorway. Look at the example
of stateless IP filters on common router platforms. They are
notoriously flawed in more than one respect, but you don't see everyone
going around turning them off in favor of no network filtering but
instead a totally host-based security effort. They are, together,
complementary.
Peter Hutnick wrote:
> I guess I don't know of any kind of authenticated anonymous FTP. The
> two sound mutually exclusive to me.
<snip>
> To say it another way, I don't see any use in a half-measure. Either rely on
> authentication (and IMO cleartext isn't authentication, since, as you allude
> to, you basically have to assume the passwords to be compromised) or don't.
> Using untrusted authentication on top of an otherwise secure system seems to
> be the worst of both worlds to me.
--
- John Hernandez - Network Engineer - 303-497-6392 -
| National Oceanic and Atmospheric Administration |
| Mailstop R/OM12. 325 Broadway, Boulder, CO 80305 |
----------------------------------------------------