FTP "securing"
Derek Martin
invalid at pizzashack.org
Thu Oct 9 08:49:22 EDT 2003
On Wed, Oct 08, 2003 at 09:06:26AM -0400, Kenneth E. Lussier wrote:
> Hey all,
>
> I know, you can't secure FTP.... However, I need to figure something
> out. We have customers that access our customer support website, and
> from there, they download patches. However, when they mouse over the
> link, they can see the FTP username and password. Does anyone know of a
> way to either obfuscate the username and password so that they can never
> see it, or to some way work around this problem?
Well, for "sophisticated" users it won't do much (i.e. the link will
still be shown in the page source), but you can use Javascript to mask
the link destination when the user mouses over it. I'm no javascript
programmer, but I think you want to look at OnMouseOver for that. You
can also use Javascript to hide the menu and tool bars, so it might be
possible to prevent some users from viewing the page source too; but
some browsers (like Mozilla) allow the user to disable a lot of those
Javascript features. YMMV.
Note that I have refrained from making comments regarding the evilness
of using some of these features... I will, however, comment that if
you're going to provide a link with the username and password included
anyway, you may as well bypass the FTP server and make it available
via HTTP. Often, the simplest solution is the best one. :)
For more details about the Javascript stuff, I suggest you ask Niall.
And if you bring rose petals and a pink tutu, he might even explain it
using interpretive dance... =8^)
--
Derek D. Martin
http://www.pizzashack.org/
GPG Key ID: 0xDFBEAD02
-=-=-=-=-
This message is posted from an invalid address.
Replying to it will result in undeliverable mail.
Sorry for the inconvenience. Thank the spammers.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : http://mail.gnhlug.org/mailman/private/gnhlug-discuss/attachments/20031009/ef0319d7/attachment.bin
More information about the gnhlug-discuss
mailing list