The File Transfer Protocol itself is not secure, as username and password are sent over the Internet in a readable form for anyone who checks data streams.

It depends on how sensitive the data is, you might have a look at other protocols, such as IPSec.

Thanks, Sinner_G.

The data itself is not sensitive -- I just don't like the idea that someone could grab my username and password and effectively take over the site.

Nick

I suggest SmartFTP. I'm not sure how much more secure it is that IEFTP, but it is definetily much more user-friendly. [smartftp.com...]

NickH:

AFAIK, there is no way for a third-party to intercept any of the data you transmit, let alone your login data, unless they, e.g., crash the server, poison the DNS, and receive your login packets, all within the timeframe between your conncetion request and your login response (3 seconds or so at most?). But there is a s(ecure)FTP protocol (wich uses SSH [Diffie-Hellman] encrypted authentication) if you're really paranoid.

Jordan

>>there is no way for a third-party to intercept any of the data you transmit

I think this is a bit misleading. It is not that difficult to intercept the packets of data containing plain text login information if someone is determined.

The issue here is that someone would need to be targeting you directly for it to become a serious issue. In terms of general FTP usage this is unlikely to be a problem.

IIRC, well-formed TCP packets have a header with a source and destination field, and unless the DNS mapping for the dest has been poisoned (so the dest gets remapped), or the server has been juped (and they pretend to be the server), no one except the dest can receive the packets. Mabye I'm not recalling correctly?

Jordan

>>unless the DNS mapping for the dest has been poisoned (so the dest gets remapped), or the server has been juped (and they pretend to be the server)

Even discounting other methods, are the 2 you mention not enough to highlight the insecure nature of FTP transactions?

The three most commom methods are faking an ARP server, faking DNS and forcing use of a fake router for the client requests. All of these result in login details passing through a hacker's computer, without the need to control either source or destination.

Gratuitous ARP is the only actual security hole I know of and deals with altering the dest by "poisoning" the resolver mapping to point to a wrong resolution by sending mass spoofed ARP authentications to the DNS server so that the spoofed ARP arrives before the authority's response and the DNS server accepted the spoofed ARP first.

This is very hard to do because of the timeframe between the when DNS sends an ARP query to the authority, and when the authority responds -- usually milliseconds (which is why the hackers use mass ARP authentications -- in hopes to slow down the server and to get in a response before the authority does).

The other way is to "jupe" the server. Root it, get accress to its DNS areas, masq as the server's IP, then knock the server offline. This is even harder to do and is not a flaw in the protocols themselves (they are working as they are supposed to).

I'm skeptical that there are any serious security holes in TCP/IP. Mostly what I have seen is just buggy, DOS stuff.

But of course, with Windows...there doesn't need to be any serious security holes in TCP/IP -- someone just has to get you to install the latest BHO and drop a keylogger on the system or like. I would personally be much more worried abour spyware and scumware than I would be about using unsecured FTP.

Jordan