Security Implications?

[juberish]

I'm playing with the FTP and just realized that there's a tool for providing direct links for file downloads.

I'm concerned about the security implications of this, we have a credential based system and SSL certs, is this all for not since the files are apparently available to the outside via direct link anyway?? I was expecting the link to prompt you for a username and password, but this is not the case, clicking the link will directly prompt you to download the file.

If anyone has any information or advice regarding the security implications of this feature, it would be appreciated.

[jbwjbw]

I'm playing with the FTP and just realized that there's a tool for providing direct links for file downloads.

I'm concerned about the security implications of this, we have a credential based system and SSL certs, is this all for not since the files are apparently available to the outside via direct link anyway?? I was expecting the link to prompt you for a username and password, but this is not the case, clicking the link will directly prompt you to download the file.

If anyone has any information or advice regarding the security implications of this feature, it would be appreciated.

I was wondering the same thing.

[FTP]

Do you mean HTTP download link? HTTP download link is designed for downloading by external download-tool (like flashget), not for file sharing. So that link will be available when user logged in, when he logout, it won't be available any more.

[jbwjbw]

Do you mean HTTP download link? HTTP download link is designed for downloading by external download-tool (like flashget), not for file sharing. So that link will be available when user logged in, when he logout, it won't be available any more.

That does make more sense, I had not tested logging out and seeing what it did, duhhh.

It would be nice to have something similar to this but that prompts for login/password then downloads the file.

- Justin

[Ataman]

Can i use the direct link (to download file) withouth loging in to the system?
if not, is there an option to download file without user and pass?
or like in Flashget to enter user & Pass for every download (like Rapidshare).

Thanks.

[FTP]

Can i use the direct link (to download file) withouth loging in to the system?
if not, is there an option to download file without user and pass?
or like in Flashget to enter user & Pass for every download (like Rapidshare).

Thanks.

Wing FTP Server do not support direct link, you can use ftp link with user/pass to download your files, like: ftp://user:pass@YourIP/download/file