cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
448
Views
0
Helpful
3
Replies

FTP protocol security Vulnerabilty

mrbzumrbzu
Level 1
Level 1

Hi All,

My company only allows few protocol outbound to internet like http and https. we are not currently allowing the FTP outbound. My question is that is the FTP protocol outbound access has some flaws or any security vulnerabilities inside it? Is there any reason, i should not allow FTP outbound for people in my company. Currently we are allowing only few FTP sites on firewall and blocking the rest.


Thanks

3 Replies 3

Hi,

FTP is sent in clear text.

So, it is vulnerable to any man-in-the-middle attacks for example.

Have you considered using SFTP?

Federico.

Hi,

This is only general oubound connections not inbound. My company staff members would like to have Full ftp access on port 21 outbound. is there any reason i should reject this request due to security vulnerability. I know the FTP is unsecure and passing the passwords clear text. Now a days you can use the http for the same aim as FTP like downloading and uploading files so blocking FTP seems not reasonable... what you think?

Hi,

There's no much difference from a security perspective of allowing outbound FTP or outbound HTTP or some other non-secure protocol.

What you can do is allow the outbound access but make sure that this outbound access is permitted only to those that are allowed to access the service.

Create ACLs to permit only the IP addresses in question and require some sort of authentication of the valid users.

If possible keep an accounting of the FTP transactions also.

In short, you can allow FTP (if needed for business purposes), but make sure you restricted to be used by only intended users and to the intended site(s).

Federico.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: