Re: [Duplicity-talk] Checksums of fileparts on the remoteserver

[Dennis Schulz]

Gabriel Ambuehl schrieb:
> On Saturday 15 September 2007 02:08:45 Dennis Schulz wrote:
>   
> > to be sure everything was tranferred correctly. So the
> > XMD5-FTP-extension could do this. But
> > duplicity needs to support this in order to work. If some part is trash
> > it could resend this part and check again.
> > I recently had some problems when mirroring those packets over FTP to
> > another server.
> > I checked the MD5-hash manually to determine those files. About 80 parts
> > had errors of about 1300.
> >     
>
>
> Point taken. While I don't use FTP (except for the occasional anon ftp ;) I 
> can definitely see how that could be useful (and easily emulated if you have 
> ssh access I guess?). Is XMD5 anything like widely supported on FTP daemons 
> as it does sound like a perfect way to DoS the FTP server?
>   
> ------------------------------------------------------------------------
>
> _______________________________________________
> Duplicity-talk mailing list
> address@hidden
> http://lists.nongnu.org/mailman/listinfo/duplicity-talk
>   
Hmm your DoS-idea is good .... But it seems that many servers out there 
support this feature.
The good thing is that you can only use XMD5 if you are loggedin. So if 
my server is secure I
don't have to mention it. If someone brake in he will perhaps be able to 
do other things like to DoS
the server. But in my opinion this is an security-aspect the 
server-developers have to take care for.