You can't secure what you don't acknowledge.SM

Wednesday, April 2, 2008

FTP bad for sensitive information...and lives?

When I first saw this headline, I thought to myself: Who's the detective that figured this out!? [tongue in cheek]
FTP Sites Vulnerable to Data Breaches

FTP poses risks?? Uh, yeah! It's just like another technology or host on the network. If it's software, addressable via IP, and has a user login prompt - then, it's undoubtedly going to have holes that are exploited eventually. Especially when network admins and security managers ignore it for the most part. And, in the case of this article, when employees are managing it on their own. [side note: I'm not sure how employees are able to setup their own FTP servers unless the firewall is wide open. I can't even get legitimate FTP to work through my firewall most the time!]

So, Tumbleweed now has a new freeware tool that will monitor the network for FTP traffic (didn't they used to make an email filtering product?) and shows on what's going on. Wooo.... A new tool that looks for FTP traffic, analyzes the data and then creates a pretty report outlining who did what. Um...there's been a tool to do this that's been around for a loooong time - a couple of decades. It's called a network analyzer. Oh, and there's the free Cain tool that'll do this as well. It even has a handy password capture tool so you don't have to goto the trouble of setting up a filter in a network analyzer. Tamosoft has had their tool NetResident out for a long time. It does this same stuff.

I've been telling people to monitor their network traffic just inside or outside the firewall to see what's going on for a long long time. It provides unbelievable insight into protocols in use, top talkers, policies being violated - you name it! Now, a product vendor is using the RSA conference to debut their new technology/solution to this problem. Nothing new here except for the marketing types trying to reposition old technologies and old vulnerabilities. I could kick myself...I guess I've missed the boat - again.

No comments:

Post a Comment