The File Transfer Protocol, or FTP, is an industry standard method of data exchange between computers. Widely used because of its flexibility and ubiquity, FTP has also become a frequent point of attack. Though certainly not the only issue, one frequently cited area of concern is the use of a clear-text data stream for passing authentication and control information. Intended for a novice to intermediate level administrator, this paper briefly examines how a nonsecure FTP implementation functions and demonstrates how the clear-text control connection can be exploited. A common misconception is that switched network architectures adequately protect an organization from network eavesdropping. Several ways of bypassing switch security are outlined, illustrating the continuing need for protecting the FTP data streams.
Read Entire Paper
E-Mail Link
Your IP address will be sent with this e-mail
