NetTalk Central

« previous next »
Pages: [1]

Author Topic: Packet Sniffing?  (Read 19204 times)

Mike McLoughlin

  • Full Member
  • ***
  • Posts: 126
    • View Profile
    • Clarion Templates
    • Email
Packet Sniffing?
« on: April 04, 2009, 02:03:27 PM »
As part of my web app I want to allow upload of files - but a customer has said he wouldn't use the app if it used straight FTP because the user/pasword are sent in plain text and "anyone with a packet sniffer" could read them.

Is this a "real" danger?  has anyone had experience of this happening?

regards

Mike
Logged
Mike McLoughlin

Bruce

  • Global Moderator
  • Hero Member
  • *****
  • Posts: 11250
    • View Profile
Re: Packet Sniffing?
« Reply #1 on: April 04, 2009, 11:04:04 PM »
hi Mike,

yes, it's a real danger. FTP is quite an insecure protocol. There are ways of securing FTP but they're icky.

But you're making a web app, so it's easy to allow users to upload files using the Upload Form Field type. See example 26. This uses HTTP not FTP, and then if you want secure it's just a case of flipping the switch to HTTPS.

Cheers
Bruce
Logged
Pages: [1]
« previous next »