2018-03-23 06:36 AM
Hi Team ,.
We are seeing this vulnerability on VLC's of version 10.6.5.0. could any one tell how to close the same.
2018-03-23 10:54 AM
Hi Gayathri,
We only use FTP to have logs transferred to us from 3rd party event sources that only support FTP. FTP sends credentials in clear text.
The only way to address this is to move to FTPS, SFTP, or SCP, all of which encrypt credentials and are supported by the Log Collector. The only question is if the event source supports one of them.
Note that the files transferred (by SFTP and others) can only be placed in directories that are chroot jailed. There is no access to any other files on the box.
Thanks,
Guy