Jump to content
Can't remember your login details? Read more... ×
Sign in to follow this  
fajw

FTP security risk?

Recommended Posts

What is the security risk of using normal FTP as opposed to secure FTP?

Share this post


Link to post
Share on other sites

What is the security risk of using normal FTP as opposed to secure FTP?

Encyption vs no Encryption.

 

Everything you send over FTP can be pulled down in plain text, this includes usernames and passwords.

Share this post


Link to post
Share on other sites

By who? The government?

Edited by fajw

Share this post


Link to post
Share on other sites

Is the risk just at each end or is there a risk in between?

Share this post


Link to post
Share on other sites

The risk is the entire way, you go through many different networks to reach a destination. Even so, it would still be most likely someone sitting on your end or the other end who is eavesdropping on your connection.

Share this post


Link to post
Share on other sites

The risk is the entire way, you go through many different networks to reach a destination. Even so, it would still be most likely someone sitting on your end or the other end who is eavesdropping on your connection.

+1

 

It could be someone on your wireless network, someone on your wired network, someone in any one of the organisations between your modem and the server.

Hell, it could be malware on either end machine.

Share this post


Link to post
Share on other sites

Secure against Government snooping?

 

No, SFTP uses SSH2, 256 bit AES encryption, so key based and security is relevant to key strength but someone who REALLY wants to decrypt it could do so - how long that would take is another matter.

 

For most uses it is fine, but anything beyond corporate sensitive it has concerns.

 

In Australia sooner or later you could run into ASIO though, it's a requirement of every ISP that data passing through be able to be read, although it would be a rare ISP that could decrypt an SFTP stream it can be snooped and submitted to heavier nut crackers :)

 

In general unless you are likely to attract government interest I wouldn't let it keep you awake nights :)

 

Cheers

Share this post


Link to post
Share on other sites

Thanks for the replies.

 

Which is preferable out of FTPS and SFTP?

Edited by fajw

Share this post


Link to post
Share on other sites

FTPS is considerably more difficult to set up and the advantages are suspect in terms of being any more secure.

 

In practise FTPS is rarely used.

 

Cheers

Share this post


Link to post
Share on other sites

Hi everyone

I was searching this and finally i have this forum really good forum for atomic fans.There are lot of information about atomic gaming,security,networking also so that's why i have to join this community..........

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this  

×