On Mon, Apr 29, 2002 at 01:13:53PM -0500, Miller, John wrote: >When a user logs on to an FTP server. Are their user id and password transmitted in >plain text or does the FTP client try to hide it and if so how. > plain text. fire up your favorite sniffer. Look into SSL wrapping your ftpd. Some support this right out of the box (proftpd) and still others will work if you use stunnel or sslwrap. Anything plain-text is bad bad bad. -- Ben Lutgens | http://people.sistina.com/~blutgens/ System Administrator | http://www.sistina.com/ Sistina Software Inc. | "If you love something set it free, if it doesn't come back to you hunt it down and set it on fire" -- George Carlin -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 230 bytes Desc: not available Url : http://shadowknight.real-time.com/pipermail/tclug-list/attachments/20020429/3b78f451/attachment.pgp