Great Circle Associates Firewalls
(April 1995) 		 
Indexed By Date: [Previous] [Next] Indexed By Thread: [Previous] [Next]
Subject: Re: Telnet and Ftp
From: Christopher Klaus <cklaus @ shadow . net>
Date: Fri, 28 Apr 1995 19:58:13 -0400 (EDT)
To: abraham @ hpindda . cup . hp . com (Abraham Lui)
Cc: firewalls @ GreatCircle . COM
In-reply-to: <199504281933 . AA263327628 @ hpindda . cup . hp . com> from "Abraham Lui" at Apr 28, 95 12:33:47 pm 
> 
> A while back Marcus Ranum had circulated in this mailing list on
> how to transfer a file through a remote login session (eg. rlogin 
> or telnet). I am surprise to see that some firewall products out
> there still provide seperate access control on telnet and ftp. Using
> Marcus's technique, denying ftp but allowing telnet does not make
> any sense!

Same goes with e-mail.  

mail person @
 host < file   and there are email->ftp gateways

and you bypassed the ftp control.  However, if you didnt make ftp, telnet,
email seperate access controls, and you had to deny them all, there
wouldn't be much point connecting to the Internet (IMHO).

Cheers,
Christopher

-- 
Christopher William Klaus       Voice: (404)441-2531. Fax: (404)441-2431
Internet Security Systems, Inc.         Computer Security Consulting
2000 Miller Court West, Norcross, GA 30071
References:
  • Telnet and Ftp
    From: Abraham Lui <abraham @ hpindda . cup . hp . com>
Indexed By Date Previous: Re: Client/Server Encryption
From: Christopher Klaus <cklaus @ shadow . net>
Next: To Log or Not to Log (or what to log!)
From: Edward Maillet <maillet @ doc . usmcs . maine . edu>
Indexed By Thread Previous: Telnet and Ftp
From: Abraham Lui <abraham @ hpindda . cup . hp . com>
Next: re: Telnet and Ftp
From: Quentin Fennessy <Quentin . Fennessy @ SEMATECH . Org>
Google
 
Search Internet Search www.greatcircle.com