  1. #1 Hansoon (Service Manager, 2,500+ Posts)

    Unsure FTP protocol

    Guys, it is well known that the FTP protocol is unsure since the data is not encrypted and can be peeped at, at any time. So one should wisely not have sensitive or perhaps any data sitting on an FTP server accessible from outside his in-house network. But would there be an IT risk in having an FTP server active only for the purpose of receiving scans with non-sensitive data from an MFP when that data is anyway later on transferred elsewhere? I mean, is only the fact that there is an FTP server actively listening in a network itself posing an IT risk? In other words, can the FTP protocol/server itself be a risk in opening a hole in the security of a network, giving access to other regions of that network?

    Hans
    " Sent from my Intel 80286 using MS-DOS 2.0 "

  2. #2 allan (RTFM!!, 5,000+ Posts, Centurion)

    Re: Unsure FTP protocol

    Hope someone can chip in on your question. Changing the port numbers and setting a password already helps a bit. There are ways to set up a gateway firewall that could help with security, like allowing only a very specific machine (PC) to access it from outside.

    Would be interesting to know if the FTP server by itself, with no items in the directory it points to, could be a risk.
    Whatever

  3. #3 slimslob (Retired, 10,000+ Posts, Bakersfield, CA)

    Re: Unsure FTP protocol

    It will open an unsecured backdoor into the local network through which a hacker can install bots that can obtain all passwords, etc.

  4. #4 allan (RTFM!!, 5,000+ Posts, Centurion)

    Re: Unsure FTP protocol

    Hans could you explain the workflow needed in this case?

    Is the FTP transfer from the MFP to the PC on the LAN then transferred over WAN or from the MFP over WAN?

    As far as I can gather, if the file has been received and the FTP service is configured to use a strong password, the transferred file is really hard to get to. But if the packets have been captured, that password is easy to get to. So if someone is actively trying to get to that metadata like the password and file description, they can, and then download the file in question from that server. If the local network is properly secured the risk of that is reduced a lot, except if your hacker can gain access to the network physically or via wireless and so start sniffing around. If it's over WAN there are ways the hacker can direct the FTP traffic to themselves. Where the FTP server itself can be dangerous is if someone sends malware that you then somehow execute by mistake.

    If the router is set up with good security like IP filtering, MAC filtering, administrator access, then the local network would pose much less of a risk, but FTP was not designed with security in mind at all.
    Whatever

  5. #5 allan (RTFM!!, 5,000+ Posts, Centurion)

    Re: Unsure FTP protocol

    The answer could lie with FTP over SSL or FTPS, involving setting up certificates all round, including on the MFP that supports it. Not my expertise. SFTP using SSH is one, FTPS the other; not sure if KM works with either.

    Why not the hated SMB in this case?
    Whatever

  6. #6 Hansoon (Service Manager, 2,500+ Posts)

    Re: Unsure FTP protocol

    Allan the reason for asking was that an IT-guy from a customer was bragging loudly in the presence of the customer that the Scan>FTP I installed, was a very irresponsible act from my side and I never EVER should have done that.

    In this case the MFP scans directly to a NAS, nothing else, and the data does not even stay in the NAS.

    He claimed that I should have known that and that I had put the customer's network at a very high risk...

    You can imagine how I felt after this.

    Hans
    " Sent from my Intel 80286 using MS-DOS 2.0 "

  7. #7 BillyCarpenter (Service Manager, 10,000+ Posts, Long Beach, Mississippi)

    Re: Unsure FTP protocol

    FTP is considered an unsecure protocol because it doesn't encrypt things like usernames and passwords.

    FTPS is a secure file transfer protocol that uses client certs - FTP over TLS (FTPS)
    Growth is found only in adversity.

  8. #8 Gift (Service Manager, 1,000+ Posts, Gothenburg)

    Re: Unsure FTP protocol

    I think running a local FTP server for the purpose of scan-to-folder can't be a major security risk/breach - if someone is able to access it from the outside/WAN you'll probably have some more pressing issues to address

  9. #9 rthonpm (Service Manager, 2,500+ Posts, Pennsyltucky)

    Re: Unsure FTP protocol

    Quote Originally Posted by Gift:
        I think running a local FTP server for the purpose of scan-to-folder can't be a major security risk/breach - if someone is able to access it from the outside/WAN you'll probably have some more pressing issues to address
    It depends on the client. Almost all compliance standards now require as a minimum encryption in transit for data, if not encryption at rest as well. FTP is going to fail that requirement. Even for smaller customers, the risk is likely high because they likely are using consumer grade equipment which is likely out of support, or unmanaged.

    If you're setting up an FTP server with no credentials (anonymous authentication) then you also have no control over who can access files sent to it. If configured with passwords, those are sent to the server in the clear so any traffic sniffer can pull them. Even if it's working as a middleman before the file is moved somewhere else, you have a period of time where the files are in the clear.

    It's 2022: FTP is a protocol from a very different era. It should be considered as dead as SMB1 in any modern network. Its time has passed.

    Sent from my Pixel 6 Pro using Tapatalk
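    The cleartext-password and anonymous-login points rthonpm makes above, turned into a defender's audit over constructed FTP control-channel transcripts (added example, not from the thread; the transcript format, session names and account names are assumptions):

```python
# Audit FTP control-channel transcripts for plaintext or anonymous logins.
# Added example, not from the thread. Transcript format is an assumption:
# 'C:' = client line, 'S:' = server line; after reply 234 (AUTH TLS accepted)
# the channel is encrypted, so the auditor stops reading there.


def audit_session(lines):
    """Return {'user', 'tls', 'issues'} for one control-channel session."""
    user, tls, anonymous, pass_seen = None, False, False, False
    for line in lines:
        side, _, msg = (part.strip() for part in line.partition(":"))
        if side == "S":
            if msg.startswith("234"):   # AUTH TLS/SSL accepted by server
                tls = True
                break                   # everything after this is encrypted
            continue
        cmd, _, arg = msg.partition(" ")
        cmd = cmd.upper()
        if cmd == "USER":
            user = arg
            anonymous = arg.lower() in ("anonymous", "ftp")
        elif cmd == "PASS":
            pass_seen = True            # record the fact, never the value
    issues = []
    if anonymous:
        issues.append("anonymous login: no control over who reads the files")
    elif pass_seen:
        issues.append(f"password for '{user}' readable in the clear")
    if user is not None and not tls:
        issues.append("login without AUTH TLS: session is unencrypted")
    return {"user": user, "tls": tls, "issues": issues}


# Constructed sample transcripts, not captures of real traffic.
SESSIONS = {
    "mfp-to-nas": ["S: 220 NAS FTP ready", "C: USER scanner",
                   "S: 331 Password required", "C: PASS hunter2",
                   "S: 230 Login successful", "C: STOR scan_0001.pdf"],
    "anonymous-drop": ["S: 220 NAS FTP ready", "C: USER anonymous",
                       "S: 331 Specify the password", "C: PASS guest@",
                       "S: 230 Login successful"],
    "ftps-explicit": ["S: 220 NAS FTP ready", "C: AUTH TLS",
                      "S: 234 Proceed with negotiation"],
}


def audit_all(sessions=SESSIONS):
    """Audit every session; returns {name: result}."""
    return {name: audit_session(lines) for name, lines in sessions.items()}
```

    The report names the account and the fact that a password crossed the wire, but never the password value itself, so the audit output can be shared without becoming a second leak.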

  10. #10 (Senior Tech, 250+ Posts, queens ny)

    Re: Unsure FTP protocol

    "He claimed that I should have known that and that I had put the customer's network at a very high risk...."

    The IT guy was right but he is also a jerk. Shake it off and get on with your day. Some IT guys need to build themselves up to justify their existence and the overpriced charges. Karma is a bitch.
