Anyone know the bad or good of WinSCP?

dianaward

Well-Known Member
Dec 9, 2002
99
0
156
USA
cPanel Access Level
Root Administrator
Twitter
http://winscp.vse.cz/eng/about.php

I tried it and it looks good, does what I wanted it to do. And it's free. But I wondered if there are security issues I should know about, since I haven't heard of it before. Have any of you used it? Do you know of any security issues? I didn't find any in my web search, and PCMag gave it a good review.


If it's okay, it sure seems like an easy way to move/backup files. I can easily copy the backup dirs of my servers to the backup drives of another using my own computer as a temp directory. (I keep few accounts per server, as they are heavy mailers.) for extra backup security. And it made it very easy to rescue the databases off a server that was going down with failing memory and hence wouldn't respond properly.
 
Last edited:

dL007

Member
Apr 21, 2003
9
0
151
I've been using it for some time now and have had no problems. Their first version did have a small bug but they fixed it. I will keep an eye on this forum as I am worried myself of security vulnerbilities. However SSH should be secure. Should I quote that 'should' part?

-DL007
 

Radio_Head

Well-Known Member
Verifed Vendor
Feb 15, 2002
2,051
1
343
Never tried WinSCP . I tried securecrt and others and I think zoc is one of the best to control a server remotely (especially when you have to execute mc , or to upload/download files via ssh). For me the best . About WinSCP , I am not safe to use an SSH/Telnet client which is freeware (only if it's open source I could consider it) .
 

dL007

Member
Apr 21, 2003
9
0
151
if this company was an open source, then many people can just take the source, modify it a little and put their company name behind it. Then start selling it online for a profit, or to even promote their own site. AND OR include additional command lines to send the owner / creator of the modifier the login of any ssh sessions..just my thought about open source.
 

Radio_Head

Well-Known Member
Verifed Vendor
Feb 15, 2002
2,051
1
343
Originally posted by dL007
if this company was an open source, then many people can just take the source, modify it a little and put their company name behind it. Then start selling it online for a profit, or to even promote their own site. AND OR include additional command lines to send the owner / creator of the modifier the login of any ssh sessions..just my thought about open source.
If the freeware SSH client is not open source the authour could have inserted malicious code to get user and password connection .. it's my thought about freeware ssh clients.

Could be the same for paid software , but I have more faith with paid software respect of a freeware .
 

dL007

Member
Apr 21, 2003
9
0
151
I truly agree on that, however many of the freeware programs that are on free websites or via IRC downloads have backdoors and other codes inside them. I only download from trusted sources like downloads.com - and or if the website is reviewed by a reputable company. I guess there can always be something said forth freeware / open source and everything.

I heard that Microsoft is trying to pass a law to allow them create an update / new OS that Microsoft controls the allowed software to be ran from your computer. I really think that is messed up because Microsoft will eventually eliminate all competition and just keep the big fish ahead in the game. BUT I AM SURE the WareZ scene will always have a hack. kind of like how their working on hacking a 2048 encryption via xbox games...I heard that group is 90% close...

If they crack that encryption, that means you won't even need a modchip inside your system. I guess you put this boot cd once, make some configurations and bam, your done. Play backups / imports and everything without even opening up the darn bugger. I think Microsoft will have a filed day over that when it is released. They had a field day over iSONEWS.com when the department of Justice took over the site. iSoNEWS was selling modchips in the US, kind of illegal I hear. I know my post is totally irrevelant to the topic but it was an example made towards another example, hehe