Highest Voted 'ftp' Questions - IT Security Stack Exchange

9

votes

3 answers

Does FTP provide any type of integrity?

To verify, that the files I have downloaded using it are not corrupted.

ftp

asked Feb 02 '15 at 22:41

Ulkoma

8,793
16
65
95

9

votes

1 answer

Security implications of not reusing SSL session in FTPS

I've just run into a problem with our FTPS server refusing connections due to missing SSL session reuse. Our client actually should reuse them, but it just doesn't work. I'm well aware that it's not good for performance, but with currently tens of…

tls session-management ftp

asked Apr 07 '18 at 03:11

maaartinus

684
5
12

7

votes

1 answer

What is the value of encrypting a payload when it will be transferred over sftp anyway?

We have a integration arrangement to send content across the internet and the agreed protocol encrypts then sends it via sftp. What possible reason coould there be to encrypt the content twice? I can't see any good reason for it. The algorithm for…

network encryption ftp

asked May 04 '11 at 11:59

Andrew Russell

3,633
1
20
29

7

votes

1 answer

Sulley - optional element and command check

I'm currently using Sulley to fuzz my FTP server, but I'm having problems. I want to specify the STRU command, which has a syntax: STRU [ F|R|P] I tried to specify the optional F,R,P arguments to the STRU command like the…

buffer-overflow fuzzing ftp

asked Apr 26 '12 at 12:14

eleanor

528
2
5
11

6

votes

1 answer

SFTP or FTPS for connecting to a VPS?

I'm going to be hosting one of my websites on a VPS soon and I want to make it as secure as possible. Only I will need access to the VPS, and I can't see that changing in the near future. Because it is an eCommerce website, I will be purchasing an…

tls ssh ftp

asked Jul 22 '13 at 10:39

Andy

501
1
4
10

6

votes

2 answers

Should your client SSL Trusted Authority contain only root and intermediate certificates?

I'm getting conflicting information and it seems people are using certificates a little differently depending on how much effort they want to expend in managing them, and maybe the application being used. Client certs aside, this is my…

tls ftp

asked Sep 09 '12 at 02:45

Mike

408
1
5
8

6

votes

1 answer

If forced to download files using FTP, what steps can be taken to provide security?

I am in a situation where I must access data via FTP on a regular basis (for argument's sake, updated every 10 minutes). No other protocol is available for this operation. This data needs to be put onto a network share. I do not want to connect…

network file-access ftp

asked May 01 '17 at 05:41

Stringers

63
1
8

6

votes

3 answers

Detection for corruption in HTTP and FTP

How is data downloaded via HTTP or FTP checked for corruption? I know that TCP provides a 16-bit checksum field in its header, which is used for checking. Also torrents use a more powerful checksum method, MD5 or (not sure) CRC32. At first I thought…

network http integrity ftp

asked Dec 20 '16 at 23:43

Maverick

163
1
5

5

votes

2 answers

How to fuzz on FreeFloat FTP server using SPIKE Fuzzing?

I would to seek help on using SPIKE fuzzer to fuzz an FTP server which I am testing on Freefloat FTP server but do not have idea on how to work on. As I research and tested out many different types of SPIKE fuzzing scripts to do fuzzing on FTP…

ftp server fuzzing

asked Jan 07 '13 at 09:28

ebiz

51
1
2

5

votes

2 answers

From FTP to SSH

Currently, I am doing a penetration testing laboratory with a server with the following services: Nmap scan report for 10.0.11.125 Host is up (1.3s latency). Not shown: 998 closed ports PORT STATE SERVICE VERSION 21/tcp open ftp vsftpd 2.0.8…

exploit ssh ftp openssh

asked Aug 09 '18 at 11:34

Lucian Nitescu

1,802
1
13
27

5

votes

1 answer

Find the security hole on my site and prevent it

Last day I've noticed that my wordpress site is hacked and a PHP backdoor shell is installed on my site. Virus scanner reported that a plugin file is inside my wp-content/uploads which I did not upload it myself. It included a wordpress plugin plus…

wordpress backdoor ftp

asked Jun 10 '18 at 08:59

VSB

185
9

5

votes

3 answers

How can I restrict users' connection attempts to my FTP server?

Is there any way possible to restrict user to make a connection to the FTP server on my Windows XP computer? I have an FTP server established in Windows XP and now I want to make access to that FTP server restricted to deny brute force attacks. If…

windows brute-force ftp

asked Jan 30 '12 at 03:31

Bhavik Ambani

321
4
12

4

votes

1 answer

Android app using FTP

I have done some android programming (self taught). I have started working on an app idea. The idea is pretty much that people with the app installed can post pictures/videos and text which can be seen by everyone with the app. I have purchased a…

android ftp web-hosting

asked Feb 23 '15 at 18:34

Marshall

143
5

4

votes

1 answer

SFTP or FTP through VPN?

I'm struggling to find out whether or not I should set up SFTP since I already connect to the internet using a secure VPN. Is the security using FTP through a VPN (using OpenVPN, more specifically https://mullvad.net) as secure as SFTP?

vpn ftp sftp

asked Dec 19 '14 at 11:13

user2026991

111
1
2
5

4

votes

1 answer

Simple File Transfer Protocol

My SIEM has produced something intriguing. I went looking for unauthorized SSH connections, and looked for the SFTP protocol by mistake. I found a Windows web server that is connecting from port 80 to a foreign IP address on port 115. In researching…

network protocols ftp

asked Aug 08 '18 at 17:17

Snark Knight

41
3

Questions tagged [ftp]