File Transfer Protocol. A simple client server protocol for transfering a file over a network. Most operating system come with the client application. FTP provides no confidentiality or integrity to the data being trasfered.
Questions tagged [ftp]
136 questions
10
votes
4 answers
If I try to log into the wrong host with FTP do they now have my credentials?
Say I make a typo in the host name.
Are my credentials now somewhere in the wrong hosts server log?
Should I go about changing my credentials just in case now?
Serhiy
- 203
- 1
- 5
9
votes
3 answers
Does FTP provide any type of integrity?
To verify, that the files I have downloaded using it are not corrupted.
Ulkoma
- 8,773
- 17
- 68
- 96
4
votes
1 answer
How was Freedom Hosting 2 hack possible?
Today I read about anonymous attack to Freedom Hosting II, and I was curious about step 3:
How is possible to someone using a FTP client to create a symlink to /? Doesn't that require root access?
How could this kind of attack be prevented?
Source:…
IAmJulianAcosta
- 2,475
- 3
- 16
- 18
3
votes
1 answer
How safe is FireFTP?
After a bad experience with FTP credentials hacking I decided to start using SFTP and stop having FTP credentials stored in clear on my computer (Filezilla).
I now use FireFTP which encrypts credentials. However I was wondering how hard is it for a…
drake035
- 473
- 1
- 4
- 11
3
votes
2 answers
Anonymous FTP Risks
If my IIS 6.0 web server is disabled and the only other service running is FTP, what are the security risks of allowing anonymous FTP read/write, considering that a random person couldn't use any sort of php/asp shell to compromise my system?
Bhubhu Hbuhdbus
- 405
- 1
- 6
- 13
3
votes
2 answers
Is Sublime plugin FTPSync secure?
I use Firefox plugin FireFTP which stores FTP credentials in encrypted files. Sublime plugin FTPSync seems to store FTP credentials in a regular file. Does that make it unsafe to use?
drake035
- 473
- 1
- 4
- 11
2
votes
3 answers
What could happen if someone guessed a password to my FTP server?
I've always wondered what could realistically (and maybe theoretically) happen if one of those "always trying to log in with common passwords" remote addresses guessed my password and gained admin access to my FTP server at home.
From what I…
user1306322
- 916
- 7
- 16
2
votes
3 answers
What are the risks of using FTP?
Are the risks of using FTP essentially the same as the risks of using HTTP? That is my current understanding, and reading an answer (Risks of using HTTP when I trust the local network) on the topic seems to offer little help.
Let's say I am moving…
VSO
- 523
- 1
- 5
- 10
1
vote
1 answer
Script injection on different hosting servers = FTP hacking?
I've been seeing the exact same injected script on several of my websites for the last few weeks. Today I realize these websites don't share the same hosting servers, yet the attacks (1) started at the same time (2) are identical.
Does this prove…
drake035
- 473
- 1
- 4
- 11
1
vote
1 answer
Is the ftp server insecure, or someone is sniffing our ftp passwords?
Some of the sites that I work with was compromised a while ago, I requested the FTP logs from the hosting company and they provided me with this:
ftp.somesite.com 64.29.xxx.xxx 87.236.xxx.xxx[09/Jul/2012:13:37:02 -0400] - - "STOR //t2TdyX8f.gif…
user893730
- 363
- 1
- 4
- 6
1
vote
1 answer
FTP Bounce attack, what's wrong?
I'm studying security in a training lab, and I'm trying to implement the infamous FTP-bounce attack.
I'll use a remote FTP server (called BOUNCE here) in order to access a folder on the VICTIM machine which is forbidden for my IP address. I don't…
ahg8tOPk78
- 161
- 1
- 4
0
votes
1 answer
What to do against continuous FTP attack
I have a server (windows 2008) and this server uses WebsitePanel to host some websites.
I tried to setup Mozilla FTP server, but I cannot get this to work. As I do not use it I do not mind.
However by accident I almost immediately noticed that a…
0
votes
1 answer
Access an ftp server gives me the passwd file though no shadow
I have gain access to a server via ftp which is showing me the passwd file with 2 users via ftp://1.2.3.4/../etc/passwd
output is:
root:*:0:0:root::
ftp:*:109:117:Anonymous FTP::
As such the shadow file is not available and doesn't give the same…
Ziconius
- 3
- 2
0
votes
3 answers
How can I prevent my FTP from being hacked?
My FTP was hacked, a file has been uploaded and the host suspended the website temporarily. I'm only using an admin page that points to an .xml file (to load and modify the text of my website). I don't have any databases.
I'm going to add a…
Paul
- 159
- 2
- 7