approach to securing ftp service ?

Posted on 2004-11-19
Last Modified: 2010-05-18
as you know, information transferred betwen ftp client and server are not protected. So please tell me how many approach to secure ftp service ? which are they ? compare them ?
Now which approach is most widely used ? if you can please give me some technical documents about these approach.

I wanna got a perspective view of securing ftp service. Thanks in advance.
Question by:hoaivan
    LVL 14

    Accepted Solution

    Some options...

    Use regular old FTP, but encrypt and sign the files with PGP or similar.

    Use FTP/SSL (aka ftps) - This is an IETF standard-tack extension to FTP, but not yet widely implemented. See

    Abandon FTP and use SFTP, the FTP-like interface to SSH. You have to be careful to setup the accounts so that they can only be used for SFTP and not also for regular command-line login, though.

    Abandon FTP and use HTTP/S (yes, it can do both uploads and downloads). There are a variety of Perl and PHP modules out there to make this easy to do.

    Tunnel the existing FTP connection in IPsec.

    Use a commercial file transfer product such as ValiCert (actually uses ftps under the hood in this case).

    Author Comment

    But which approach is and will be the most widely use ? Is FTP over SSL ? I found that many ftp server and client support it.
    LVL 14

    Expert Comment

    IBM has been pushing FTP/SSL on the mainframe, asd as a result Rumba and other mainframe-centraic players have added SSL support to their FTP offerings.

    However, it is not yet popular in the Unix or Windows words, where SSH is much more popular.

    That could change with the introductoin of the next version of wu-ftpd, which supports FTP/SSL. No word on when that will be out, though (it's been in the works for a couple of years now)

    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    Maximize Your Threat Intelligence Reporting

    Reporting is one of the most important and least talked about aspects of a world-class threat intelligence program. Here’s how to do it right.

    Email attacks are the most efficient and effective way for cyber criminals and hackers to compromise a computer or network. We often find our-self second guessing the authenticity of an email message, for such instances we can follow practical princ…
    By default, Carbonite Server Backup manages your encryption key for you using Advanced Encryption Standard (AES) 128-bit encryption. If you choose to manage your private encryption key, your backups will be encrypted using AES 256-bit encryption.
    how to add IIS SMTP to handle application/Scanner relays into office 365.
    Sending a Secure fax is easy with eFax Corporate ( First, Just open a new email message.  In the To field, type your recipient's fax number You can even send a secure international fax — just include t…

    779 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    18 Experts available now in Live!

    Get 1:1 Help Now