| View previous topic :: View next topic |
| Author |
Message |
civicexcoupeman
Joined: 06 Mar 2008
Posts: 36
|
 Posted: Wed Dec 10, 2008 1:06 am Post subject: Security |
 |
|
I know FTP isn't the safest file transfer protocol. Simple question. With use of this Quick 'n Easy FTP Server the only security we get is if users are trying to get in they would have 3 attempts and then their IP is blocked?
What if the user is just their spoofing IP's so one IP gets blocked then they try again and so on and so forth...
how about them seeing unencrypted passwords when people login to the server...
anyways please just discuss about FTP security and any security holes that this server prevents |
|
| Back to top |
|
 |
admin
Site Admin
Joined: 13 Apr 2005
Posts: 1467
|
| Posted: Wed Dec 10, 2008 8:35 am Post subject: |
|
|
Users can not log into the server unless they know the username/password.
There are no known security issues with the server. |
|
| Back to top |
|
|
civicexcoupeman
Joined: 06 Mar 2008
Posts: 36
|
| Posted: Wed Dec 10, 2008 4:23 pm Post subject: |
|
|
That might be the case with the server but FTP is known to have security issues. Which is the protocol FTP the server uses has many known issues.
Using the FTP protocol is regarded to be very unsafe because a password must always be entered for the transfer. The password is subsequently transmitted over the Internet without encryption
A user's name and password are transferred in clear text without encryption when logging on and can therefore be easily recognized. When using an FTP connection, the transferred data could "stray" to a remote computer and not arrive at their intended destination. Third parties can then download data from the remote system to their own computers, or existing data can be viewed and edited. This presents a significant risk, particularly when transferring company confidential information. FTP can also be used to determine the passwords of individual users, since the password is transferred in clear text when logging on. As a result, even those with unauthorized access to this network can record the password information.
Are just common problems with the FTP protocol.
SO all I'm asking in this thread is what does this server have set in place to stop these common issues with FTP; besides just having the capability to put IP's that people can spoof and create over and over into a block list. Which at the end does not help if someone is just trying to get in..they will just sit their once one of their IP's gets blocked after 3 attempts spoof another IP and they have 3 more attempts. This can be done incredibly easily from not even someone who considers themselves a "hacker" or even retarded "script Kiddies" would be able to do this.
I think this is a valid question to ask. Considering that Ive used your server program for a while and now I just want to know how secure it is to protect what I have on it now for a little less then a year of use. |
|
| Back to top |
|
|
admin
Site Admin
Joined: 13 Apr 2005
Posts: 1467
|
| Posted: Wed Dec 10, 2008 8:13 pm Post subject: |
|
|
The server uses the standard FTP protocol and can be used with any standard FTP client. For this reason no additional security features have been implemented otherwise it would stop FTP clients from connecting to this server. We did not modify the FTP protocol in any way.
There is another protocol called SFTP, but this is very different from standard FTP. |
|
| Back to top |
|
|
|
FAQ
Search
Usergroups
Register
Profile
Log in to check your private messages
Log in
