[ale] FTP files

Jerald Sheets questy at gmail.com
Wed Jan 23 10:36:27 EST 2013 

Are you in a PCI, SOX, or ITIL governed environment?  If so, those are some pretty freaking big sticks you can use with them that will force them to listen.  

If you are (and they are, of course), you can say it will break compliance and you will fail audit, and that it is against corporate policy and you cannot do that for them.

Usually the SOX stick is enough, but if you're pushing around financial info, you can definitely beat them a little with compliance if nothing else.  NONE of those sets of guidelines will allow clear text User/pass combos to float across the network.

--jms


On Jan 23, 2013, at 9:39 AM, Chuck Payne <terrorpup at gmail.com> wrote:

> Well, until ssh is built into Windows, what chose to I have, IIS has
> ftp, I can't install ssh on the systems I asked. I even offer to do
> CIFS mount and move the files over, but they wouldn't listen to me. So
> I have to use the tools I have. Since this is behind my firewalll, if
> someone is sniff, I got bigger problems with them getting password. I
> won the battle by them letting me set up sftp on a server on a port
> that wasn't 22 and that with ssh keys,  there no need for password log
> in.  So I can put with ftp from my linux bot to my windows server.
> 
> On Wed, Jan 23, 2013 at 8:52 AM, Lightner, Jeff <JLightner at water.com> wrote:
>> ftp IS "broken".   It does its login and transfers in clear text so is highly susceptible to sniffing.
>> 
>> That is why it was "fixed" by replacing it with more secure transfer protocols such as sftp/scp.
>> 
>> If we have a choice we always use sftp rather ftp.  If we must use ftp we insist on use of encrypted files.
>> 
>> I remember the old days when uucp was the way to go.   Also with the cu command you had ~get and ~put options.
>> 
>> One of the things I wish ssh had was that cu functionality.   Sometimes in the middle of a session you want to transfer a file one way or another and it would be convenient to simply hit a few keys to do that rather than having to open a new scp/sftp session.   (Of course if the file is small enough cut and paste will do the job.)
>> 
>> -----Original Message-----
>> From: ale-bounces at ale.org [mailto:ale-bounces at ale.org] On Behalf Of Chuck Payne
>> Sent: Tuesday, January 22, 2013 8:37 PM
>> To: Atlanta Linux Enthusiasts
>> Subject: Re: [ale] FTP files
>> 
>> It was the -i, now I got working very well.
>> 
>> FTP is beautiful because it just works. It proves, if it any broke, don't fix.
>> 
>> Thanks Jim.
>> 
>> Chuck
>> 
>> On Tue, Jan 22, 2013 at 5:58 PM, Jim Kinney <jim.kinney at gmail.com> wrote:
>>> 
>>> It is shocking at the number of zillion year-old applications that
>>> STILL use plain ftp with open text authentication.
>>> Much of this is from stupid code design that used custom written ftp
>>> "servers" instead of relying on the in-system ftpd that could be
>>> easily upgraded to include sftp capability.
>>> 
>>> <sigh>
>>> 
>>> Just because one _can_ write code doesn't mean one should. I know I've
>>> written my share of horrid crap.
>>> 
>>> 
>>> On Tue, Jan 22, 2013 at 5:46 PM, Lightner, Jeff <JLightner at water.com> wrote:
>>>> 
>>>> I think earlier in the thread someone suggested sftp and the reply was
>>>> that the other side only allows for standard ftp.   If sftp doesn't work
>>>> then scp typically won't either.
>>>> 
>>>> 
>>>> 
>>>> One can get a tad more security out of ftp by pgp (or gpg) encrypting the
>>>> files before placing them in the transfer directory.   Also you'd want to
>>>> jail any login account you gave others to your servers and hope they're
>>>> smart enough to jail any they give you on theirs.   The login session is
>>>> still in clear text but anyone that hacks the login only sees
>>>> gobbledygook so long as they don't have the keys and the jail
>>>> prevents them from seeing anything else.
>>>> 
>>>> 
>>>> 
>>>> From: ale-bounces at ale.org [mailto:ale-bounces at ale.org] On Behalf Of
>>>> Matthew
>>>> Sent: Tuesday, January 22, 2013 5:23 PM
>>>> To: Atlanta Linux Enthusiasts
>>>> Subject: Re: [ale] FTP files
>>>> 
>>>> 
>>>> 
>>>> Scp?  I rarely use ftp.
>>>> 
>>>> On Jan 22, 2013 4:55 PM, "Jim Kinney" <jim.kinney at gmail.com> wrote:
>>>> 
>>>> You did change the ftp command to ftp -i ? That should drop the
>>>> confirm for mput.
>>>> 
>>>> On Tue, Jan 22, 2013 at 4:42 PM, Chuck Payne <terrorpup at gmail.com> wrote:
>>>> 
>>>> It working, but it only putting one file, the reason it is doing this...
>>>> 
>>>> mput dag2.txt? mput dag3.txt?  221 Goodbye.
>>>> 
>>>> Is it asking me to enter "yes" for the other files?
>>>> 
>>>> Chuck
>>>> 
>>>> 
>>>> 
>>>> On Tue, Jan 22, 2013 at 12:35 PM, Jim Kinney <jim.kinney at gmail.com> wrote:
>>>>> The heredoc format of the ftp line looks wrong. also, you are
>>>>> iterating over a list of files and creating a new ftp connection
>>>>> for each file. Instead
>>>>> use:
>>>>> 
>>>>> mytemp=$(mktemp -d)
>>>>> mylog=$(mktemp)
>>>>> cp $(cat /chroot/home/fl/fl_sdirc/files.txt) ${mytemp} cd ${mytemp}
>>>>> ftp -i <host> 2>$1>${mylog} << EOF user <name> <passwd> binary cd
>>>>> <remote path to file location> mput * exit EOF
>>>>> 
>>>>> On Tue, Jan 22, 2013 at 12:18 PM, Chuck Payne <terrorpup at gmail.com>
>>>>> wrote:
>>>>>> 
>>>>>> Guys,
>>>>>> 
>>>>>> Ok, I think I have a better script, but I am having a problem with
>>>>>> the for/loop with ftp'ing files, looks like it breaking at the <<+
>>>>>> 
>>>>>> Here is my new script
>>>>>> 
>>>>>> ========================Begin
>>>>>> Script=================================
>>>>>> 
>>>>>> #!/bin/bash
>>>>>> # ftp script
>>>>>> # by Chuck Payne
>>>>>> # ftp, logs, and moves files
>>>>>> 
>>>>>> LOG=$(/var/log/fl_sdirc)
>>>>>> FILES=$(cat /chroot/home/fl/fl_sdirc/files.txt | wc -l)
>>>>>> TIME=$(`date '+%m-%d-%Y %H:%M'`)
>>>>>> FILE=$(/chroot/home/fl/fl_sdirc/files.txt)
>>>>>> 
>>>>>> 
>>>>>> if [ -e $FILE ] ; then
>>>>>>  rm -f $FILE
>>>>>> fi
>>>>>> 
>>>>>> ls /chroot/home/fl/fl_sdirc >> /chroot/home/fl/fl_sdirc/files.txt
>>>>>> 
>>>>>> if [ $FILE=="0"] ; then
>>>>>>  echo "$TIME" >> $LOG
>>>>>>  echo "No Files tranfer" >> $LOG
>>>>>> else
>>>>>> 
>>>>>> for i in `cat /chroot/home/fl/fl_sdirc/files.txt` ; do
>>>>>>  ftp -n 192.168.105.29 <<+
>>>>>>  user flsdir essex
>>>>>>  binary
>>>>>>  put $i
>>>>>>  quit ;
>>>>>> done
>>>>>> 
>>>>>> echo "$TIME" >> $LOG
>>>>>> echo "File following file were transfer to Pawnee" >> $LOG
>>>>>> 
>>>>>> for i in `cat /chroot/home/fl/fl_sdirc/files.txt` ; do
>>>>>>  echo "$i" >> $LOG
>>>>>> done
>>>>>> 
>>>>>> for i in `cat /chroot/home/fl/fl_sdirc/files.txt` ;
>>>>>>  mv $i /home/fl_sdirc/$i.$TIME ;
>>>>>> done
>>>>>> 
>>>>>> fi
>>>>>> 
>>>>>> 
>>>>>> 
>>>>>> ========================End
>>>>>> Script==================================
>>>>>> 
>>>>>> 
>>>>>> --
>>>>>> Terror PUP a.k.a
>>>>>> Chuck "PUP" Payne
>>>>>> 
>>>>>> (678) 636-9678
>>>>>> -----------------------------------------
>>>>>> Discover it! Enjoy it! Share it! openSUSE Linux.
>>>>>> -----------------------------------------
>>>>>> openSUSE -- en.opensuse.org/User:Terrorpup openSUSE
>>>>>> Ambassador/openSUSE Member Community Manager -- Southeast Linux
>>>>>> Foundation (SELF) skype,twiiter,identica,friendfeed -- terrorpup
>>>>>> freenode(irc) --terrorpup/lupinstein Register Linux Userid: 155363
>>>>>> 
>>>>>> Have you tried SUSE Studio? Need to create a Live CD,  an app you
>>>>>> want to package and distribute , or create your own linux distro.
>>>>>> Give SUSE Studio a try. www.susestudio.com.
>>>>>> See you at Southeast Linux Fest, June 7-9, 2013 in Charlotte, NC.
>>>>>> www.southeastlinuxfest.org
>>>>>> 
>>>> 
>>>> 
>>>> 
>>>> 
>>>> 
>>>> _______________________________________________
>>>>>> Ale mailing list
>>>>>> Ale at ale.org
>>>>>> http://mail.ale.org/mailman/listinfo/ale
>>>>>> See JOBS, ANNOUNCE and SCHOOLS lists at
>>>>>> http://mail.ale.org/mailman/listinfo
>>>>> 
>>>>> 
>>>>> 
>>>>> 
>>>>> --
>>>>> --
>>>>> James P. Kinney III
>>>>> 
>>>>> Every time you stop a school, you will have to build a jail. What
>>>>> you gain at one end you lose at the other. It's like feeding a dog
>>>>> on his own tail.
>>>>> It won't fatten the dog.
>>>>> - Speech 11/23/1900 Mark Twain
>>>>> 
>>>>> http://electjimkinney.org
>>>>> http://heretothereideas.blogspot.com/
>>>>> 
>>>>> _______________________________________________
>>>>> Ale mailing list
>>>>> Ale at ale.org
>>>>> http://mail.ale.org/mailman/listinfo/ale
>>>>> See JOBS, ANNOUNCE and SCHOOLS lists at
>>>>> http://mail.ale.org/mailman/listinfo
>>>>> 
>>>> 
>>>> 
>>>> 
>>>> --
>>>> Terror PUP a.k.a
>>>> Chuck "PUP" Payne
>>>> 
>>>> (678) 636-9678
>>>> -----------------------------------------
>>>> Discover it! Enjoy it! Share it! openSUSE Linux.
>>>> -----------------------------------------
>>>> openSUSE -- en.opensuse.org/User:Terrorpup openSUSE
>>>> Ambassador/openSUSE Member Community Manager -- Southeast Linux
>>>> Foundation (SELF) skype,twiiter,identica,friendfeed -- terrorpup
>>>> freenode(irc) --terrorpup/lupinstein
>>>> Register Linux Userid: 155363
>>>> 
>>>> Have you tried SUSE Studio? Need to create a Live CD,  an app you
>>>> want to package and distribute , or create your own linux distro.
>>>> Give SUSE Studio a try. www.susestudio.com.
>>>> See you at Southeast Linux Fest, June 7-9, 2013 in Charlotte, NC.
>>>> www.southeastlinuxfest.org
>>>> _______________________________________________
>>>> Ale mailing list
>>>> Ale at ale.org
>>>> http://mail.ale.org/mailman/listinfo/ale
>>>> See JOBS, ANNOUNCE and SCHOOLS lists at
>>>> http://mail.ale.org/mailman/listinfo
>>>> 
>>>> 
>>>> 
>>>> 
>>>> --
>>>> --
>>>> James P. Kinney III
>>>> 
>>>> Every time you stop a school, you will have to build a jail. What you
>>>> gain at one end you lose at the other. It's like feeding a dog on his own tail.
>>>> It won't fatten the dog.
>>>> - Speech 11/23/1900 Mark Twain
>>>> 
>>>> http://electjimkinney.org
>>>> http://heretothereideas.blogspot.com/
>>>> 
>>>> _______________________________________________
>>>> Ale mailing list
>>>> Ale at ale.org
>>>> http://mail.ale.org/mailman/listinfo/ale
>>>> See JOBS, ANNOUNCE and SCHOOLS lists at
>>>> http://mail.ale.org/mailman/listinfo
>>>> 
>>>> 
>>>> 
>>>> 
>>>> 
>>>> Athena(r), Created for the Cause(tm)
>>>> 
>>>> Making a Difference in the Fight Against Breast Cancer
>>>> 
>>>> 
>>>> 
>>>> 
>>>> 
>>>> How and Why I Should Support Bottled Water!
>>>> Do not relinquish your right to choose bottled water as a healthy
>>>> alternative to beverages that contain sugar, calories, etc. Your
>>>> support of bottled water will make a difference! Your signatures
>>>> count! Go to
>>>> http://www.bottledwatermatters.org/luv-bottledwater-iframe/dswaters
>>>> and sign a petition to support your right to always choose bottled
>>>> water. Help fight federal and state issues, such as bottle deposits
>>>> (or taxes) and organizations that want to ban the sale of bottled
>>>> water. Support community curbside recycling programs. Support bottled
>>>> water as a healthy way to maintain proper hydration. Our goal is 50,000 signatures. Share this petition with your friends and family today!
>>>> 
>>>> 
>>>> 
>>>> ---------------------------------
>>>> CONFIDENTIALITY NOTICE: This e-mail may contain privileged or
>>>> confidential information and is for the sole use of the intended
>>>> recipient(s). If you are not the intended recipient, any disclosure,
>>>> copying, distribution, or use of the contents of this information is
>>>> prohibited and may be unlawful. If you have received this electronic
>>>> transmission in error, please reply immediately to the sender that
>>>> you have received the message in error, and delete it. Thank you.
>>>> ----------------------------------
>>>> 
>>>> 
>>>> 
>>>> 
>>>> _______________________________________________
>>>> Ale mailing list
>>>> Ale at ale.org
>>>> http://mail.ale.org/mailman/listinfo/ale
>>>> See JOBS, ANNOUNCE and SCHOOLS lists at
>>>> http://mail.ale.org/mailman/listinfo
>>>> 
>>> 
>>> 
>>> 
>>> --
>>> --
>>> James P. Kinney III
>>> 
>>> Every time you stop a school, you will have to build a jail. What you
>>> gain at one end you lose at the other. It's like feeding a dog on his own tail.
>>> It won't fatten the dog.
>>> - Speech 11/23/1900 Mark Twain
>>> 
>>> http://electjimkinney.org
>>> http://heretothereideas.blogspot.com/
>>> 
>>> _______________________________________________
>>> Ale mailing list
>>> Ale at ale.org
>>> http://mail.ale.org/mailman/listinfo/ale
>>> See JOBS, ANNOUNCE and SCHOOLS lists at
>>> http://mail.ale.org/mailman/listinfo
>>> 
>> 
>> 
>> 
>> --
>> Terror PUP a.k.a
>> Chuck "PUP" Payne
>> 
>> (678) 636-9678
>> -----------------------------------------
>> Discover it! Enjoy it! Share it! openSUSE Linux.
>> -----------------------------------------
>> openSUSE -- en.opensuse.org/User:Terrorpup openSUSE Ambassador/openSUSE Member Community Manager -- Southeast Linux Foundation (SELF) skype,twiiter,identica,friendfeed -- terrorpup
>> freenode(irc) --terrorpup/lupinstein
>> Register Linux Userid: 155363
>> 
>> Have you tried SUSE Studio? Need to create a Live CD,  an app you want to package and distribute , or create your own linux distro. Give SUSE Studio a try. www.susestudio.com.
>> See you at Southeast Linux Fest, June 7-9, 2013 in Charlotte, NC.
>> www.southeastlinuxfest.org
>> 
>> _______________________________________________
>> Ale mailing list
>> Ale at ale.org
>> http://mail.ale.org/mailman/listinfo/ale
>> See JOBS, ANNOUNCE and SCHOOLS lists at
>> http://mail.ale.org/mailman/listinfo
>> 
>> _______________________________________________
>> Ale mailing list
>> Ale at ale.org
>> http://mail.ale.org/mailman/listinfo/ale
>> See JOBS, ANNOUNCE and SCHOOLS lists at
>> http://mail.ale.org/mailman/listinfo
> 
> 
> 
> -- 
> Terror PUP a.k.a
> Chuck "PUP" Payne
> 
> (678) 636-9678
> -----------------------------------------
> Discover it! Enjoy it! Share it! openSUSE Linux.
> -----------------------------------------
> openSUSE -- en.opensuse.org/User:Terrorpup
> openSUSE Ambassador/openSUSE Member
> Community Manager -- Southeast Linux Foundation (SELF)
> skype,twiiter,identica,friendfeed -- terrorpup
> freenode(irc) --terrorpup/lupinstein
> Register Linux Userid: 155363
> 
> Have you tried SUSE Studio? Need to create a Live CD,  an app you want
> to package and distribute , or create your own linux distro. Give SUSE
> Studio a try. www.susestudio.com.
> See you at Southeast Linux Fest, June 7-9, 2013 in Charlotte, NC.
> www.southeastlinuxfest.org
> 
> _______________________________________________
> Ale mailing list
> Ale at ale.org
> http://mail.ale.org/mailman/listinfo/ale
> See JOBS, ANNOUNCE and SCHOOLS lists at
> http://mail.ale.org/mailman/listinfo

More information about the Ale mailing list