NetTalk Central

NetTalk FTP => FTP - Ask For Help => Topic started by: Mike McLoughlin on April 04, 2009, 02:03:27 PM

Title: Packet Sniffing?
Post by: Mike McLoughlin on April 04, 2009, 02:03:27 PM: As part of my web app I want to allow upload of files - but a customer has said he wouldn't use the app if it used straight FTP because the user/pasword are sent in plain text and "anyone with a packet sniffer" could read them.

Is this a "real" danger? has anyone had experience of this happening?

regards

Mike
Title: Re: Packet Sniffing?
Post by: Bruce on April 04, 2009, 11:04:04 PM: hi Mike,

yes, it's a real danger. FTP is quite an insecure protocol. There are ways of securing FTP but they're icky.

But you're making a web app, so it's easy to allow users to upload files using the Upload Form Field type. See example 26. This uses HTTP not FTP, and then if you want secure it's just a case of flipping the switch to HTTPS.

Cheers
Bruce

SMF 2.0.19 | SMF © 2021, Simple Machines