On Mon, Apr 29, 2002 at 01:13:53PM -0500, Miller, John wrote:
>When a user logs on to an FTP server.  Are their user id and password transmitted in 
>plain text or does the FTP client try to hide it and if so how.
>

plain text. fire up your favorite sniffer. Look into SSL wrapping your
ftpd. Some support this right out of the box (proftpd) and still others
will work if you use stunnel or sslwrap. Anything plain-text is bad bad
bad. 

-- 
Ben Lutgens				 | http://people.sistina.com/~blutgens/	
System Administrator	 | http://www.sistina.com/
Sistina Software Inc. | 

"If you love something set it free, if it doesn't come back to you
hunt it down and set it on fire" -- George Carlin
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 230 bytes
Desc: not available
Url : http://shadowknight.real-time.com/pipermail/tclug-list/attachments/20020429/3b78f451/attachment.pgp