Thread: ftp-client, gui-based
View Single Post
kutibah is offline kutibah
2006-05-06 , 17:13
Posts: 182 | Thanked: 3 times | Joined on Mar 2006
#7
Originally Posted by niko
This is what makes it quite easy.

What happens here:
It is not only the login that is managed, it's the whole file handling.

You connect yourself with www.web2ftp.com. Your entrance dates can be stored on purpose automatic (maybe also without bad motive at first, however, imagine the company is taken over or hacked) or by chance. Maybe it's only an accesslog where they are stored and through coincidence they come into the net.


Furthermore (now I can only presume) the files you want to upload are reached to the web2ftp-perlscript and transmitted to your wish server.
It is easy for the script to analyse your files, store copies and to modify before they land on your wish server.

I am sure, you can imagine more misusage.

regards,
Niko
Yes, I understand that. But it also depends on what you host on the server. For my case, I just host a small proxy site in which I use at my school =) so if they do steal the passwords, they really don't get any usefullness out of it. But if your hosting an online store with potential credit card info, it can be dangerous.