Buck, is it the only way ? I should be able to do this via an FTP
IMHO, FTP is more dangerous to allow than HTTP. With FTP, you're
sending a password in clear text, plus you have to allow many additional
ports. And if you want standard/active FTP to work (as opposed to
passive) you need to allow incoming connections on all of those ports.
HTTP is only one port, outgoing only, doesn't typically require a
The nature of the shop is highly security concious and they are
afraid to 'open up the I to the entire world'.
With all due respect, you have it backwards. You aren't opening up your
i to the world. You're opening up the world to your i.
The rest of the world won't be able to access your i. But your i will
be able to access the world. That's a pretty big distinction.