Although FTP is incredibly useful and simple to use it is not without its critics.

File contents and passwords and are sent in plain text format, which therefore could be intercepted by eavesdroppers or ‘sniffers’ as they are technically known. There are now protocol enhancements that get round this, for instance by using SSL (Secure Sockets Layer) or TLS (Transport Layer Security).

Whilst files are being moved around, multiple TCP/IP connections are used by the server. One connection is used for controlling the connection, and one for every download, upload, or directory listing. The firewalls in between your computer and the FTP server may need additional logic or configuration changes to manage these connections.

It is possible for a hacker to abuse the FTP protocol’s built-in proxy features. They could tell a server to send data to a particular port of a third computer.

The File Transfer Protocol has a high latency due to the volume of commands needed to initiate a transfer.
When the files arrive at the destination computer there is no integrity check on the whole file itself. So when a file transfer is interrupted, the receiver cannot know if the received file is whole or not. The result is a file on the destination side that is perhaps not the same size as the original file on the sender side.

This entry was posted on Wednesday, May 21st, 2008 at 10:00 am and is filed under Industry News. You can follow any responses to this entry through the RSS 2.0 feed. Both comments and pings are currently closed.