Online Book Reader


CompTIA Security_ Deluxe Study Guide_ SY0-201 - Emmett Dulaney [85]

Most popular browsers allow an FTP site to be accessed as a website, and HTTP supports file transfer capabilities. A browser provides a graphical interface that users can use without having to be exposed to the command structure that FTP uses by default.

The following sections discuss FTP, its vulnerabilities, and ways to secure it.

Blind/Anonymous FTP

Early FTP servers didn’t offer formal security—security was based on the honor system. In most cases, the honor system was used strictly for downloading files from an FTP server to a client; a client couldn’t upload files without using a different logon ID. In some cases, the opposite situation existed, and a client could “blindly” upload files for others but could not download—or even see—any files.

Most logons to an FTP site used the anonymous logon; by convention, the logon ID was anonymous, and the password was the user’s e-mail address. This honor system is still used in systems that want to allow public access to files, and it simplifies administration because only one account is used.

The cost of this implementation, however, is the risk it carries. In this situation, the only security offered is whatever the operating system is configured to provide.

Secure FTP

Secure FTP (S/FTP) is accomplished using a protocol called Secure Shell (SSH)—a type of tunneling protocol that allows access to remote systems in a secure manner. As discussed earlier, SSH allows connections to be secured by encrypting the session between the client and the server. SSH is available for Unix and other systems that provide capabilities similar to FTP.

Sharing Files

File sharing is accomplished by storing files at an assigned location on the server or workstation. When files are stored on a workstation, the connection is referred to as a peer-to-peer connection. The assigned location is typically a subdirectory located on one of the disk drives on the server or another workstation.

In an FTP connection, you can upload a file from a client using the PUT command. You download using the GET command. Most modern servers and applications allow an application program to access shared files at the record level. This type of sharing allows multiuser applications, such as databases, to function. Web browsers typically accept files from a web server by downloading them from the server. These downloaded files are then processed through the browser and displayed to the user.

FTP’s Vulnerability

FTP has a major flaw: The user ID and password aren’t encrypted and are subject to packet capture. This creates a major security breach—especially if you’re connecting to an FTP server across the Internet. There is also a problem if you’re allowing the use of the anonymous version of FTP: Trivial File Transfer Protocol (TFTP).

Real World Scenario

Remote File Transfers

Your organization has a large number of remote users who transfer files to your system across the Internet. These file transfers are an essential part of your business, and they must be allowed to continue. You want to provide additional security to your users so that information won’t be compromised. How might you accomplish this?

You could implement SSH or other secure protocols for FTP file transfers. Doing so would allow information to be sent across the Internet in a secure manner. You may also be able to use TLS, SSL, or another secure format.
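The difference between the cleartext logon described under FTP's Vulnerability and a session protected with TLS can be checked directly in a capture of the control channel. The following Python sketch is an added example, not part of the book: the transcripts are constructed, and the function name and finding labels are assumptions chosen for illustration. It relies only on the standard FTP commands USER, PASS, and AUTH, and on the 234 reply a server sends when it accepts AUTH.

```python
# Constructed control-channel transcripts, not real traffic.
# "C" = line sent by the client, "S" = reply from the server.
SESSIONS = {
    "plain": [("S", "220 ready"), ("C", "USER jsmith"), ("S", "331 need password"),
              ("C", "PASS Summer2009!"), ("S", "230 logged in")],
    "anonymous": [("S", "220 ready"), ("C", "user anonymous"), ("S", "331 send e-mail"),
                  ("C", "pass guest@example.com"), ("S", "230 logged in")],
    "tls": [("S", "220 ready"), ("C", "AUTH TLS"), ("S", "234 proceed")],
    "fallback": [("S", "220 ready"), ("C", "AUTH TLS"), ("S", "502 not implemented"),
                 ("C", "USER jsmith"), ("S", "331 need password"),
                 ("C", "PASS Summer2009!"), ("S", "230 logged in")],
}


def audit_session(lines):
    """Classify how the logon on one captured FTP control channel was exposed."""
    user = None
    auth_pending = tls_refused = False
    for direction, text in lines:
        verb, _, arg = text.strip().partition(" ")
        if direction == "S":
            if auth_pending:
                auth_pending = False
                if verb == "234":  # server accepted AUTH: the rest is encrypted
                    return {"finding": "tls-upgraded", "user": None}
                tls_refused = True
            continue
        verb = verb.upper()  # FTP command names are case-insensitive
        if verb == "AUTH":
            auth_pending = True
        elif verb == "USER":
            user = arg.strip()
        elif verb == "PASS" and user is not None:
            if user.lower() == "anonymous":
                finding = "anonymous-logon"
            elif tls_refused:
                finding = "cleartext-after-tls-refused"
            else:
                finding = "cleartext-credentials"
            # Report the account only; the password is never copied into the result.
            return {"finding": finding, "user": user}
    return {"finding": "no-logon", "user": user}


if __name__ == "__main__":
    for name, lines in SESSIONS.items():
        print(name, audit_session(lines))
```

The "fallback" case is the one to watch for: the client asked for TLS, the server refused, and the logon went out in cleartext anyway.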

Understanding Network Protocols


Your network may have network protocols running in addition to TCP/IP, and each of these protocols may be vulnerable to outside attack. Some protocols (such as NetBEUI, DLC, and other more primitive protocols) aren’t routable and, therefore, aren’t subject to attack. Of course, there is a great big “unless”: If your router or firewall is configured to pass them, some of these protocols can be embedded in TCP/IP and may be passed to other systems.

The major protocols used by TCP/IP for maintenance and other activities include those discussed in the following list:

Simple Network Management Protocol TCP/IP uses Simple Network
