Go Back   FlashFXP Forums > > > >

ioFTPD General New releases, comments, questions regarding the latest version of ioFTPD.

Reply
 
Thread Tools Rate Thread Display Modes
Old 07-20-2005, 03:04 PM   #31
ganymede
Member
 
Join Date: Dec 2004
Posts: 46
Default

snypeTest ... just out of interest what whole market are you talking about? and... secondly why take functionality that exists in an ftp daemon and remove it? why build a TCL script who cares? build it in.

d1 why not just put up a poll and see who wants what? and what harm is there in putting ip checking? like really come on here... by taking out a feature your opening up your product to competing products doesnt matter what industry you are aiming for... its such a simple thing... why risk loosing users for something so trivial.....
ganymede is offline   Reply With Quote
Old 07-20-2005, 03:19 PM   #32
SnypeTEST
Senior Member
ioFTPD Scripter
 
Join Date: Feb 2003
Posts: 458
Default

whole market.. as in this FTPD is no longer just going to be targeted to the "scene". Now even companies will start using the FTPD for their win Servers. such as webhosting companies.

Let an external module take care of that. Acouple Reasons:

1) its not like your going to upgrade to v1.0 as soon as it comes out anyway. d1 said himself, all scripts will not work because of the new core.
2) ip@ident is a simple thing. infact an external wrapper can be created to handle this so it doesnt have to rely on ioFTPD versions.

user -> identd wrapper -> (any)FTPD

( thus why d1 says that this method is not secure at all. it can be faked very easly. )
SnypeTEST is offline   Reply With Quote
Old 07-20-2005, 03:31 PM   #33
darkone
Disabled
FlashFXP Registered User
ioFTPD Administrator
 
darkone's Avatar
 
Join Date: Dec 2001
Posts: 2,230
Default

Quote:
Originally Posted by ganymede
secondly why take functionality that exists in an ftp daemon and remove it?
Because ioFTPD 1.0 has nothing to do with previous ioftpd's. (except the name) Just wait and see.
darkone is offline   Reply With Quote
Old 07-20-2005, 03:35 PM   #34
darkone
Disabled
FlashFXP Registered User
ioFTPD Administrator
 
darkone's Avatar
 
Join Date: Dec 2001
Posts: 2,230
Default

Also, did I already mention; passive mode (SSL) transfers require certificate based authentication.
darkone is offline   Reply With Quote
Old 07-20-2005, 04:15 PM   #35
ganymede
Member
 
Join Date: Dec 2004
Posts: 46
Default

darkone throw a dog a bone here and just implement a user ip blocking system!

not to worried about the second point... new functionality is always good.
ganymede is offline   Reply With Quote
Old 07-20-2005, 04:23 PM   #36
darkone
Disabled
FlashFXP Registered User
ioFTPD Administrator
 
darkone's Avatar
 
Join Date: Dec 2001
Posts: 2,230
Default

I'll guess I could implement it as example script/module. However, I do not wish to include ip table in database by default.
darkone is offline   Reply With Quote
Old 07-20-2005, 05:38 PM   #37
Harm
Too much time...
Ultimate Scripter
 
Join Date: Jul 2003
Posts: 1,430
Default

I don't know many things about client certificates. I'm sure there's a way to secure them even if they're stored on some usb stick. Could you enlighten me ?
On another side, how will it work with other ftp daemons ?

Talking about companies that want to restrict the access to their ftp servers, there should still be an ip/host based access control like what we currently have with Host.Rules. Again, could you confirm this darkone ? I must also agree with the fact that ident might be "fun" but is very easy to fake nowadays.

Since tcl will still be there, adding a script to check the ident@host of the user on connect will only take a few lines of code. It will even bring the ability to add advanced regular expressions support or other kind of comparisons you might think of.
Harm is offline   Reply With Quote
Old 07-21-2005, 01:21 AM   #38
ganymede
Member
 
Join Date: Dec 2004
Posts: 46
Default

back to my earlier point - as long as inicom want to maintain the ip script there isnt a problem. Harm... if you going to use a host.rules file i suggest you use a decent firewall instead.... again this does not solve the problem - you cant limit certain people to certain addresses eg: managers can login from anywhere & peons can login from work only - again a certificate cannot help you there.
ganymede is offline   Reply With Quote
Old 07-21-2005, 01:22 AM   #39
ganymede
Member
 
Join Date: Dec 2004
Posts: 46
Default

dark1 quick question about certificates - will it be like the current io where you force certain users to use them and for example localhost not to?
ganymede is offline   Reply With Quote
Old 07-21-2005, 07:33 AM   #40
darkone
Disabled
FlashFXP Registered User
ioFTPD Administrator
 
darkone's Avatar
 
Join Date: Dec 2001
Posts: 2,230
Default

Quote:
Originally Posted by ganymede
dark1 quick question about certificates - will it be like the current io where you force certain users to use them and for example localhost not to?
If user has certificate(s) specified, he is expected to use one. Also note that certificate based authentication only works in SSL mode.
darkone is offline   Reply With Quote
Old 07-22-2005, 08:56 AM   #41
ganymede
Member
 
Join Date: Dec 2004
Posts: 46
Default

can you run SSL mode without certificates.... AUTH SSL / AUTH TLS
ganymede is offline   Reply With Quote
Reply

Tags
address, ftp, give, password, username

Thread Tools
Display Modes Rate This Thread
Rate This Thread:

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT -5. The time now is 01:09 PM.

Parts of this site powered by vBulletin Mods & Addons from DragonByte Technologies Ltd. (Details)