ftp and password security

Discussion in 'Computer Support' started by Jan Bours, May 3, 2005.

  1. Jan Bours

    Jan Bours Guest

    When I use the FTP-command (from the command-line) to update files belonging
    to a website, the password that you supply with it is sent IN CLEARTEXT over
    the wire
    and the Internet. This can become a real security-problem when these
    file-updates
    are done lets say 10 times per hour or so. But even when this is done not so
    often,
    the password can be "stolen" by packet-sniffer-software.

    Is there a way to prevent this from happening? Can it be done with a special
    FTP-version
    or do you have to use a completely different approach?

    Thanks for your attention!
     
    Jan Bours, May 3, 2005
    #1
    1. Advertising

  2. Jan Bours

    °Mike° Guest

    In <d58dhl$m6l$1.ov.home.nl>,
    Jan Bours took 18 lines to utter:

    >When I use the FTP-command (from the command-line) to update files belonging
    >to a website, the password that you supply with it is sent IN CLEARTEXT over
    >the wire
    >and the Internet. This can become a real security-problem when these
    >file-updates
    >are done lets say 10 times per hour or so. But even when this is done not so
    >often,
    >the password can be "stolen" by packet-sniffer-software.
    >
    >Is there a way to prevent this from happening? Can it be done with a special
    >FTP-version
    >or do you have to use a completely different approach?
    >
    >Thanks for your attention!


    Try Secure iXplorer (shareware)
    http://i-tree.org/


    --
    Basic computer maintenance
    http://uk.geocities.com/personel44/maintenance.html
     
    °Mike°, May 3, 2005
    #2
    1. Advertising

  3. Jan Bours

    fkasner Guest

    °Mike° wrote:
    > In <d58dhl$m6l$1.ov.home.nl>,
    > Jan Bours took 18 lines to utter:
    >
    >
    >>When I use the FTP-command (from the command-line) to update files belonging
    >>to a website, the password that you supply with it is sent IN CLEARTEXT over
    >>the wire
    >>and the Internet. This can become a real security-problem when these
    >>file-updates
    >>are done lets say 10 times per hour or so. But even when this is done not so
    >>often,
    >>the password can be "stolen" by packet-sniffer-software.
    >>
    >>Is there a way to prevent this from happening? Can it be done with a special
    >>FTP-version
    >>or do you have to use a completely different approach?
    >>
    >>Thanks for your attention!

    >
    >
    > Try Secure iXplorer (shareware)
    > http://i-tree.org/
    >
    >


    Or try FTP-Pro or for that matter any available SSH implementation. I
    believe there is a MS version of SSH that Windows users can use.
    FK
     
    fkasner, May 3, 2005
    #3
  4. Jan Bours

    FML Guest

    Jan Bours spewed forth...

    > When I use the FTP-command (from the command-line) to update files
    > belonging to a website, the password that you supply with it is sent
    > IN CLEARTEXT over the wire
    > and the Internet. This can become a real security-problem when these
    > file-updates
    > are done lets say 10 times per hour or so. But even when this is done
    > not so often,
    > the password can be "stolen" by packet-sniffer-software.
    >
    > Is there a way to prevent this from happening? Can it be done with a
    > special FTP-version
    > or do you have to use a completely different approach?
    >
    > Thanks for your attention!
    >
    >
    >
    >


    Here is a primer on SecureFTP:

    http://www.intranetjournal.com/articles/200208/se_08_14_02a.html

    HTH
     
    FML, May 3, 2005
    #4
  5. Jan Bours

    Plato Guest

    Plato, May 3, 2005
    #5
  6. Jan Bours

    Jan Bours Guest

    I think I will look into this tomorrow. I need a command-line-tool that is
    secure,
    with which my ISP can co-operate. I don't know which FTP-features they
    support!
    So I don't know yet which secure-FTP-version I can use.

    HTH

    "FML" <> schreef in bericht
    news:Xns964B941BEB850NyEtSpAm@216.196.97.136...
    > Jan Bours spewed forth...
    >
    > > When I use the FTP-command (from the command-line) to update files
    > > belonging to a website, the password that you supply with it is sent
    > > IN CLEARTEXT over the wire
    > > and the Internet. This can become a real security-problem when these
    > > file-updates
    > > are done lets say 10 times per hour or so. But even when this is done
    > > not so often,
    > > the password can be "stolen" by packet-sniffer-software.
    > >
    > > Is there a way to prevent this from happening? Can it be done with a
    > > special FTP-version
    > > or do you have to use a completely different approach?
    > >
    > > Thanks for your attention!
    > >
    > >
    > >
    > >

    >
    > Here is a primer on SecureFTP:
    >
    > http://www.intranetjournal.com/articles/200208/se_08_14_02a.html
    >
    > HTH
     
    Jan Bours, May 3, 2005
    #6
  7. Jan Bours wrote:

    > When I use the FTP-command (from the command-line) to update files belonging


    Do sensors detect a Windows user that knows how to use the command line?

    <dropping dead>

    --
    Blinky Linux Registered User 297263
    Killing all Usenet posts from Google Groups
    Info: http://blinkynet.net/comp/uip5.html
     
    Blinky the Shark, May 4, 2005
    #7
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. COMSOLIT Messmer

    IT-Security, Security, e-security

    COMSOLIT Messmer, Sep 5, 2003, in forum: Computer Support
    Replies:
    0
    Views:
    619
    COMSOLIT Messmer
    Sep 5, 2003
  2. Frosty

    ftp://ftp.isc.org

    Frosty, Nov 22, 2006, in forum: Computer Support
    Replies:
    2
    Views:
    1,078
  3. Mike Easter

    Why can't I access ftp://ftp.isc.org/ ?

    Mike Easter, Mar 14, 2007, in forum: Computer Support
    Replies:
    10
    Views:
    871
    Vanguard
    Mar 15, 2007
  4. Replies:
    1
    Views:
    481
    Lutz Donnerhacke
    Sep 13, 2007
  5. inventor1984
    Replies:
    4
    Views:
    1,635
    Dave \Crash\ Dummy
    Dec 21, 2009
Loading...

Share This Page