FTP is widely considered to be fairly dangerous, but even security-conscious sites might still run it because of the perceived difficulty in educating users about alternatives. Available alternatives include: - secure copy, which encrypts names, passwords and traffic - web-based file archives, a much safer way of offering files to the public The lack of widespread, free, Windows-based secure copy clients only exacerbates the problem. FTP is dangerous for several reasons, including: 1) All passwords travel in the clear across the connection, allowing any intermediate hosts (and usually every host on the source and destination's local area network) to "sniff" unencrypted passwords. 2) Ftp daemons typically need to run with root privileges, and most of the common ones have been found to have a multitude of security vulnerabilities over the course of their existence. For instance, the ftp daemon included with RedHat 6.0 has had two major updates to close security holes since RH6.0 was released. Earlier in this session, we updated your wu-ftp to the most recent one that Redhat advertises