Pablo Software Solutions Forum Index Pablo Software Solutions

 
 FAQFAQ   SearchSearch   UsergroupsUsergroups   RegisterRegister 
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 

Security

 
Post new topic   Reply to topic    Pablo Software Solutions Forum Index -> Quick 'n Easy FTP Server
View previous topic :: View next topic  
Author Message
civicexcoupeman



Joined: 06 Mar 2008
Posts: 36

PostPosted: Wed Dec 10, 2008 1:06 am    Post subject: Security Reply with quote

I know FTP isn't the safest file transfer protocol. Simple question. With use of this Quick 'n Easy FTP Server the only security we get is if users are trying to get in they would have 3 attempts and then their IP is blocked?

What if the user is just their spoofing IP's so one IP gets blocked then they try again and so on and so forth...

how about them seeing unencrypted passwords when people login to the server...

anyways please just discuss about FTP security and any security holes that this server prevents
Back to top
View user's profile Send private message
admin
Site Admin


Joined: 13 Apr 2005
Posts: 1469

PostPosted: Wed Dec 10, 2008 8:35 am    Post subject: Reply with quote

Users can not log into the server unless they know the username/password.
There are no known security issues with the server.
Back to top
View user's profile Send private message Send e-mail
civicexcoupeman



Joined: 06 Mar 2008
Posts: 36

PostPosted: Wed Dec 10, 2008 4:23 pm    Post subject: Reply with quote

That might be the case with the server but FTP is known to have security issues. Which is the protocol FTP the server uses has many known issues.

Using the FTP protocol is regarded to be very unsafe because a password must always be entered for the transfer. The password is subsequently transmitted over the Internet without encryption

A user's name and password are transferred in clear text without encryption when logging on and can therefore be easily recognized. When using an FTP connection, the transferred data could "stray" to a remote computer and not arrive at their intended destination. Third parties can then download data from the remote system to their own computers, or existing data can be viewed and edited. This presents a significant risk, particularly when transferring company confidential information. FTP can also be used to determine the passwords of individual users, since the password is transferred in clear text when logging on. As a result, even those with unauthorized access to this network can record the password information.

Are just common problems with the FTP protocol.

SO all I'm asking in this thread is what does this server have set in place to stop these common issues with FTP; besides just having the capability to put IP's that people can spoof and create over and over into a block list. Which at the end does not help if someone is just trying to get in..they will just sit their once one of their IP's gets blocked after 3 attempts spoof another IP and they have 3 more attempts. This can be done incredibly easily from not even someone who considers themselves a "hacker" or even retarded "script Kiddies" would be able to do this.

I think this is a valid question to ask. Considering that Ive used your server program for a while and now I just want to know how secure it is to protect what I have on it now for a little less then a year of use.
Back to top
View user's profile Send private message
admin
Site Admin


Joined: 13 Apr 2005
Posts: 1469

PostPosted: Wed Dec 10, 2008 8:13 pm    Post subject: Reply with quote

The server uses the standard FTP protocol and can be used with any standard FTP client. For this reason no additional security features have been implemented otherwise it would stop FTP clients from connecting to this server. We did not modify the FTP protocol in any way.

There is another protocol called SFTP, but this is very different from standard FTP.
Back to top
View user's profile Send private message Send e-mail
Display posts from previous:   
Post new topic   Reply to topic    Pablo Software Solutions Forum Index -> Quick 'n Easy FTP Server All times are GMT + 1 Hour
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum


SwiftBlue Theme created by BitByBit
Powered by phpBB © 2001, 2002 phpBB Group