Gnuru.org
Productive Linux


Subscribe

 Subscribe via Feedburner in a reader

Enter your email address:

Delivered by FeedBurner


Login
Login:
Password:



Don't have an account?
Sign up to Gnuru.org
Forgot your password?

Recent Posts
Delete files older than a certain date
Postgresql - multiple installs
Burn ISO to CDR on the Command Line
Screen shot from the Command Line
Make an Image Smaller for Web or Email
Is Calibre the most annoying program in the world ever?
Computer Science Degree: Possibly Useless
Terminal Emulators
Command Line Dictaphone
Fun with sed
Use rsync to copy a directory structure to VFAT
UDEV - devices mounting twice
Convert m4a to mp3 Script
NFSv4 Really Rocks if You Can Get It Working
Convert mp4 video to avi video
Burn ISO to DVD on the Command Line
Scan Network for Local Services with nmap
Bash One-Liner to Determine Mountpoint from UUID
Fail: orphaned udev rules make your life difficult
USB Pen Drives - the UDEV Automounting Secrets
New Nodes
file
Delete files older than a certain date
Postgresql - multiple installs
cdrecord
cdr
Burn ISO to CDR on the Command Line
graphics
screengrab
screenshot
Screen shot from the Command Line
convert
imagemagick
image
Make an Image Smaller for Web or Email
Tags

ACPI administration advocacy advocacy advocacy opinion alsa amarok apache apple apt aptitude audio audo authentication automount avi awk bash BIOS boot business cache calendar calibre cdr cdrecord censorship commandline computerscience console convert cron cut database date debian degree design desktop development disk dpkg dvd economics education emacs email europe exim faad ffmpeg file files firefox firewall flash foss freedom ftp fun fuse git gnumeric graphics grep growisofs grub gtkpod hardware hardware html idiocy image imagemagick images installation ip iphone ipod iptables iso itunes ivman kde kernel keyboard knoppix lame laptop latex linux locale lockin longlines m4a microsoft mimetypes minitab mount mp3 mp4 mplayer multimedia music mysql network nfs nfs4 nmap openbox openoffice opinion opinion partition pdf perl php politics postgresql printing privacy programming rant remote rhythmbox rss rsync rxvt scp screengrab screenshot script scripting scsi security sed server shell siteadmin sitenews sitesoftware skype skype slackware sound sox spam spreadsheet ssh statistics subversion sudo svk swap t23 t43 terminal text thinkpad thunderbird time timezone ubuntu udev upgrade usb usbmount users uuid versioncontrol vfat video vnc windows wine wordpress wordprocessing X40 xwindows xwindows youtube

Blogroll
Categories

FTP
14 March 2005 @ 11:14 GMT
by Anonymous

Information security is commonly described using three terms:
  • confidentiality - ensuring the privacy of sensitive information
  • integrity - ensuring that information and programs are changed only in a specified and authorised manner; and
  • availability - ensuring that systems work promptly and that service is not denied to authorised users.

The terms are usually thought of as three attributes of information security that are always present. This is similar to the fire triangel - heat, air, and flamable material - all three must be present to create a fire. To create information security you need to consider confidentiality, integrity and availability.

The reason I bring this up in regards to FTP and firewalls, is to point out that the second term - integrity - is technically difficult to accomplish using active FTP, because FTP servers tries to connect to your FTP client while your firewall should stop connections from foreign sources to arbitrary ports. By using passive mode, the integrity of your firewall is not broken, because both the control channel and data channel is initiated by authorised personell from the inside to the outside. Firewall usually allow external responses to queries initiated from the inside to pass through.

Tags: ftp


Leave a comment:

Are you human?