FTP "securing"

[Larry Cook]

Hi Kenny,

> We have customers that access our customer support website, and from there,
> they download patches.

> However, when they mouse over the link, they can see the FTP username and
> password.

> ...there are seven FTP servers all over the world to deal with.

It doesn't look like a solution has presented itself yet.  Maybe you could
take a step back and look at the requirements and possibly come up with a
non-FTP solution.

For starters, I present a few (naive) questions, not because I want an answer,
but to generate some thought on the real requirements:

* Why are there seven FTP servers?

* Can anonymous FTP be used?

* Is FTP required, or could HTTP be used?

* Are the patches small enough to be emailed?

* Could you email the username/password or URL so it's not on the webpage?

* Why is this even an issue?  You don't want them to see the 
username/password, but you give them the convenience to just click a link to 
get the file.  So securing the file doesn't seem to be the issue, so why not 
just mirror the patches on the website for HTTP download?

Larry