Announcement

Collapse
No announcement yet.

How does hacker attack FTP packets ?

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • How does hacker attack FTP packets ?

    Hi All

    Lately, I have been using programs to FTP files to a remote server. I then read somewhere that FTP is not secure as it send stuff in clear text?

    I wonder how a hacker can get hold of these FTP packets or messages ?
    Do they use packet sniffers such as Wireshark to sniff out these packets in the network itself ?
    please advise.

    Also how does SFTP or FTPS is considered more secure than FTP ?

  • #2
    Originally posted by Tim Lakinir View Post
    Also how does SFTP or FTPS is considered more secure than FTP ?
    Check this out ... https://www.ssh.com/ssh/sftp/

    Comment


    • #3
      As for the "attacking" part. It's not necessary to "attack" FTP directly (in a sense). All a hacker needs to have is access to the internet traffic. Which can happen anywhere along the way between the sending client and the receiving server. Which means: you can't do anything about it, as you have no control over the devices/networks once the traffic leaves your network. Given that, there's not ONE method to get illegal access. Yes, tools as Wireashark are one way to do it. But there's plenty of others. As you mentioned: data is send in plain text, especially user/password, so further inappropriate usage is easy.

      As for SFTP/FTPS. Both "protocols" try to solve the above dilemma in two different ways, utilizing two separate existing standards without the need to change the existing FTP protocl: SSH for SFTP and TLS (formerly known as "SSL") for FTPS. Oversimplified the idea behind these is

      SFTP: create an (encrypted) tunnel (think "VPN") through which the still plain text FTP traffic is routed.
      FTPS: use TLS for end-to-end encryption of the FTP data, similar to what HTTPS does for HTTP

      Both are tried and tested methods of which to my experience SFTP is the more common/wide-spread adaption.

      Comment


      • #4
        An advantage of SFTP is that it doesn't require the additional step (and relatively minor expense, in some cases) of creating a server certificate. The advantage of FTPS is that you can have a certificate issued by a trusted authority which not only allows the connection to be secure, but the client can take that extra step of confirming the identity of the system is one that is trusted by a well-known third party (e.g.: the Certificate Authority which issued the certificate), and you can validate the certificate chain to ensure it hasn't been revoked, etc.
        Mike Stefanik
        sockettools.com

        Comment


        • #5
          Just as an FYI

          I have a plane FTP server that I use to disturbed files & security video.
          ID/PW are both very longs and computer created like $deRfS3678JhU,Mj
          When I look at my logs I see 100’s attempts per hour to gain access, most are using common ID names and common passwords.
          My server allows 3 attempts per IP and then I disallows that IP for 24 hours.
          Someone wiresharking the FTP conversation would see it all.
          BASIC shampoo - DO:LATHER:RINSE:LOOP UNTIL CLEAN <>0

          Comment


          • #6
            Thank you All for your advice.

            So WireShark is one such program that hackers can use to read FTP packets

            BTW, Mike you mentioned that
            An advantage of SFTP is that it doesn't require the additional step (and relatively minor expense, in some cases) of creating a server certificate
            Does this means that SFTP implementation would be slightly faster and easier than FTPS ?
            And that FTPS implementation would be more expensive as we need to have trusted authority certificates ?

            Comment

            Working...
            X