Highest Voted 'ftp' Questions - IT Security Stack Exchange

2

votes

3 answers

What is the purpose of opportunistic TLS (like STARTTLS)?

Opportunistic TLS refers to extensions in plain text communication protocols, which offer a way to upgrade a plain text connection to an encrypted (TLS or SSL) connection instead of using a separate port for encrypted communication... Source:…

asked Mar 01 '17 at 22:19

Bob Ortiz

6,234
8
43
90

2

votes

1 answer

FTP session opened from an unknown IP

I have a website made in Magento and hosted on an Ubuntu server and since a few months have been registering FTP connections open from unknown IP trying to open the file lic.php. In the proftpd.log file I found this records: FTP session…

linux ubuntu ftp caching

asked Jan 16 '17 at 18:14

Hector Andres Rojas

123
3

2

votes

3 answers

What are the risks of using FTP?

Are the risks of using FTP essentially the same as the risks of using HTTP? That is my current understanding, and reading an answer (Risks of using HTTP when I trust the local network) on the topic seems to offer little help. Let's say I am moving…

ftp

asked Dec 11 '16 at 03:06

VSO

523
1
5
10

2

votes

0 answers

How to exploit a file upload to an IIS 5.1

I found the following services in a testing environment: 21/tcp open ftp Microsoft ftpd 80/tcp open http Microsoft IIS httpd 5.1 The FTP server allows anonymous logins and the content can be displayed website. How can this…

exploit asp.net iis ftp microsoft

asked Nov 09 '16 at 09:58

SaAtomic

989
2
15
27

2

votes

2 answers

FTP client development - firewall issues

I am working on FTP client for internal usage for deployments. I have started out with WinSCP scripts, everything seems to be working fine, except one operation (deleting large(many files) directory containing files and sub-directories). I know that…

firewalls .net ftp sftp

asked Oct 27 '16 at 13:46

Nerijus Dzinzeleta

21
2

2

votes

1 answer

Does SFTP cost more to implement than FTP?

This is a two part question. How does the implementation of SFTP differ over FTP? (Account Creation, Setup of connection) Is it more expensive (in terms of time/cost) to do so? In this scenario I am using user credentials for authentication.

ftp sftp

asked Jul 28 '16 at 08:32

Callum McCormick

49
5

2

votes

1 answer

Is storing passwords encrypted with GnuPGP on an anonymous FTP server safe?

I would like some advice on a method of storing passwords to a database on my anonymous FTP server. Basically I have login details for a few trusted users to a database server stored in a text file encrypted with GnuPG. With it being encrypted I…

encryption password-management pgp gnupg ftp

asked May 01 '16 at 10:43

Elliott Smelliott

23
2

2

votes

1 answer

Does FTPs (FTP over SSL using explicit TLS) support encryption of data channel?

I am exploring the ability of the FTPs(FTP over SSL using explicit TLS) to encrypt the data channel. I read online that the secure data channel can be entered by entering the PROT command. PROT P for private. Sorry if my question is too naive as I…

encryption tls ftp

asked Feb 24 '16 at 00:25

Nicki

23
3

2

votes

3 answers

Limiting FTP privileges on Windows Server

I currently have a Windows 2012 Server which is acting as a webserver running IIS. I am using Filezilla to host an FTP server to allow some clients FTP access to their own websites. I have setup the FTP account with ease and they are able to access…

windows file-system ftp

asked Feb 17 '16 at 19:20

Jimmy Jane

21
2

1

vote

1 answer

How to use the standard (non-dictionary) brute force attack on FTP in THC-Hydra?

In the process of attempting to secure my local LAN, I have determined that I am at little risk of a dictionary brute-force attack. This being said, a standard brute-force attack which involves cycling through every possible password in existence is…

brute-force ftp

asked Sep 05 '15 at 09:16

user4493605

223
1
2
9

1

vote

2 answers

What negotiates SSL ciphers?

In light of the recent FREAK vulnerability I am trying to get a hold on what ciphers are being used by inbound connections. I have FTP tracing on which is giving me which ciphers are being negotiated between external clients and the system I am…

tls operating-systems ftp

asked Mar 12 '15 at 16:44

Dude

11
2

1

vote

1 answer

FTP over SSL vs HTTPS implemention

Consider two implementations of SSL on a HTTP server and on an FTP server. With the same cipher suites used and the exact same protocols used. Is one more secure than the other. I have heard that it is difficult to get FTP to downgrade protocols.…

tls http ftp

asked Jan 31 '15 at 17:41

W Khan

75
1
6

1

vote

2 answers

Encrypt files on FTP server

I have a practical situation here, my company is a FTP server provider for some clients. The clients are sharing their files on our FTP server and have had no problem with access management and privacy policies so far. Recently, our clients want to…

public-key-infrastructure pgp digital-signature file-encryption ftp

asked Dec 02 '14 at 08:35

A23149577

153
1
11

1

vote

4 answers

Protecting Password in Code

I am writing a program in Processing (which is basically java), that (amongst other things) downloads files from a FTP Server. To connect to the Server the program needs the correct FTP-password, which is currently saved as plain text in a String in…

passwords java ftp protection

asked Aug 19 '14 at 10:29

BigAl

11
3

1

vote

2 answers

How can I make a read-only filesystem read/write?

I recently hacked into my router which runs BusyBox v1.9.1. I want to edit some files in my web GUI interface which will allow me to get hidden options in it. I'm trying to edit a .js file and replace it via FileZilla (I also hacked FTP through…

ssh ftp

asked Jul 20 '14 at 11:01

H3lp3ingth3p33ps

343
1
2
12

Questions tagged [ftp]