TFTP is NOT a secure protocol… but it was never designed to be.

TFTP, or Trivial File Transfer Protocol is designed to be… trivial. It has no authentication, authorization, or any fancy abilities such as listing the directory of files you are looking at. TFTP was created as a “streamlined” way to send and receive files from devices, especially devices with little to “no” compute resources. For example; one common use is to load firmware and software packages to Cisco devices using an internally managed repository on a TFTP server. [Read More]

FTP is NOT secure software.

FTP is a protocol created in 1980 (RFC959) to transfer files to different servers and networks. typically over a WAN connection. However, it is not a service you should use to host sensitive information. The following is why, FTP does not perform encryption on transit; Anyone between you and the FTP server can, will, and most likely have been monitoring and logging traffic. FTP does not securely communicate credentials; FTP does not encrypt authentication, this means that passwords are in plain text and can be READ BY ANYONE monitoring your network. [Read More]

GitHub acquired from Microsoft

Fellow Open Source Enthusiasts. I regret to inform you that Github has recently been bought by Microsoft. Some of you will no longer desire to place your code on github, but where can you place your code now? Thankfully, Open Source culture prevails with multiple options! Gitlab is feature-wise identical (if not more featured) to github, You can host either your own instance or use theirs. What freedom! My employer uses this software for in house code, their features are paramount and their self hosting option allows those with even the tightest security policies to have their cake and eat it too with Gitlab’s advance CI/CD pipelines! [Read More]