File Transfer Protocol - Security

Security

FTP was not designed to be a secure protocol—especially by today's standards—and has many security weaknesses. In May 1999, the authors of RFC 2577 listed a vulnerability to the following problems:

  • Bounce attacks
  • Spoof attacks
  • Brute force attacks
  • Packet capture (sniffing)
  • Username protection
  • Port stealing

FTP is not able to encrypt its traffic; all transmissions are in clear text, and usernames, passwords, commands and data can be easily read by anyone able to perform packet capture (sniffing) on the network. This problem is common to many of the Internet Protocol specifications (such as SMTP, Telnet, POP and IMAP) that were designed prior to the creation of encryption mechanisms such as TLS or SSL. A common solution to this problem is to use the "secure", TLS-protected versions of the insecure protocols (e.g. FTPS for FTP, TelnetS for Telnet, etc.) or a different, more secure protocol that can handle the job, such as the SFTP/SCP tools included with most implementations of the Secure Shell protocol.

Read more about this topic:  File Transfer Protocol

Famous quotes containing the word security:

    ...I lost myself in my work and never felt that marriage would give me the security I wanted. I thought that through the trade union movement we working women could get better conditions and security of mind.
    Mary Anderson (1872–1964)

    When kindness has left people, even for a few moments, we become afraid of them as if their reason had left them. When it has left a place where we have always found it, it is like shipwreck; we drop from security into something malevolent and bottomless.
    Willa Cather (1876–1947)

    Modern children were considerably less innocent than parents and the larger society supposed, and postmodern children are less competent than their parents and the society as a whole would like to believe. . . . The perception of childhood competence has shifted much of the responsibility for child protection and security from parents and society to children themselves.
    David Elkind (20th century)