Wednesday, June 18, 2008

Problems with FTP

Traditionally, electronic files such as scripts, graphics, documents and spreadsheets were transferred between computers with FTP (File Transfer Protocol). The files could be placed in public places for anyone to access, either with a login name or anonymously.

However, there is an alternative to FTP: sFTP (secure File Transfer Protocol). What is the problem with FTP? Why stop using it?
  1. FTP sends the login username and password across the network as clear text.
  2. A typical network firewall needs to be altered to open up a minimum of 2 ports for FTP.
  3. FTP communication talks too much. A typical connection goes like this: you contact the server, do the handshake, and then get a banner; you then send your name to the server and wait for the server to acknowledge. Then you send your password (in plain clear view for everyone to see) and wait for the server to acknowledge, then you send the type of inquiry (how you want the server to respond). This isn't even anywhere near the actual transfer of the file.
  4. FTP does synchronous communications.
  5. Complex firewall configuration for FTP servers and FTP clients. FTP servers prefer active transfer, opening inbound port 21 and outbound port 22. FTP client firewalls prefer passive transfer, opening outbound from any port to port 21 and inbound from any port to any permitted (ephemeral) port.
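
To make points 1, 3 and 5 concrete, here is an added Python example (not part of the original post) that audits a constructed FTP control-channel transcript: it lists the credentials visible in clear text, counts the client commands sent before any file data moves, and decodes the data ports negotiated by PORT and by the 227 passive-mode reply. The host name, addresses, credentials and function names are made up for the illustration.

```python
import re

# Constructed FTP control-channel transcript (TCP port 21) as a passive
# observer would see it. C: = client, S: = server. A real session uses
# either PORT (active) or PASV (passive); both appear here for illustration.
SAMPLE = """\
S: 220 ftp.example.test FTP server ready
C: USER alice
S: 331 Password required for alice
C: PASS s3cret-example
S: 230 User alice logged in
C: TYPE I
S: 200 Type set to I
C: PORT 192,0,2,10,195,80
S: 200 PORT command successful
C: PASV
S: 227 Entering Passive Mode (198,51,100,5,234,96)
C: RETR report.xls
""".splitlines()

# PORT arguments and 227 replies both carry h1,h2,h3,h4,p1,p2.
HOSTPORT = re.compile(r"(\d+),(\d+),(\d+),(\d+),(\d+),(\d+)")

def decode_hostport(text):
    """Return (ip, port) from h1,h2,h3,h4,p1,p2; port = p1 * 256 + p2."""
    m = HOSTPORT.search(text)
    n = [int(x) for x in m.groups()] if m else []
    if not n or any(v > 255 for v in n):
        return None
    return ".".join(map(str, n[:4])), n[4] * 256 + n[5]

def audit_control_channel(lines):
    """Summarize what is exposed on the wire before any file data moves."""
    report = {"cleartext": [], "data_endpoints": [], "commands_before_transfer": 0}
    for line in lines:
        side, _, msg = line.partition(": ")
        verb, _, arg = msg.partition(" ")
        verb = verb.upper()
        if side == "C" and verb in ("RETR", "STOR"):
            break  # the file transfer itself starts here
        if side == "C":
            report["commands_before_transfer"] += 1
            if verb in ("USER", "PASS"):
                report["cleartext"].append((verb, arg))
            elif verb == "PORT" and decode_hostport(arg):
                report["data_endpoints"].append(("active",) + decode_hostport(arg))
        elif verb == "227" and decode_hostport(arg):
            report["data_endpoints"].append(("passive",) + decode_hostport(arg))
    return report
```

The decoded data ports are chosen per session, which is why a firewall that only knows about port 21 cannot pass the transfer without extra rules or protocol-aware inspection.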

sFTP is a completely different protocol (method) of network file transfer.

3 comments:

C.S.Lee(geek00L) said...

hi nicholas,

port 22 is awful.

Kam Weng Kit (William) said...

Nick linked your blog to mine. He he, like the way you look in those suits.

Tboxmy said...

Lee,

What's so awful about port 22?
Using sFTP, you don't need to use the wide range of ports or the two different TCP ports. Configuration of the firewall is also easier with sFTP.
