LOGBOOK

HELP

Quiz Entry - updated: 2026.07.14

What is FTP, and why is it considered a security relic in 2026?

FTP (File Transfer Protocol, RFC 959, 1985) transfers files between hosts. It's insecure because credentials and data travel in plaintext — modern systems use SFTP, FTPS, or HTTPS instead.

The basic flow:

ftp ftp.example.com
> Username: anonymous
> Password: anything@somewhere.com
> ls
> get file.txt
> quit

Why FTP is dangerous:

Issue Consequence
Plaintext credentials Anyone sniffing the network sees username/password
Plaintext data File contents visible to eavesdroppers
Two ports Complicates firewalling — port 21 (control) + port 20 (active data)
NAT issues Active mode breaks behind NAT — IPs in protocol payload don't match
No integrity Attacker can modify files in transit

Anonymous FTP:

A historical convention: anonymous user with any email as password. Used for public file repositories (e.g., Linux mirrors, software distributions). Still common but increasingly replaced by HTTPS download links.

Common FTP response codes:

Code Meaning
200 Command OK
220 Service ready (banner)
331 Username OK, password needed
230 Login successful
425 Can't open data connection
530 Login incorrect

Modern replacements:

Replacement What it adds
SFTP SSH-based, single port (22), encrypted, fully replaces FTP
FTPS FTP + TLS — adds encryption, still uses two ports
HTTPS download Simpler, browser-friendly, encrypted
rsync over SSH Efficient incremental sync

Why FTP is still worth understanding:

Pedagogically clear — the protocol is plain text, you can literally read commands and responses in Wireshark. Excellent for understanding how application protocols are structured.

Tip: If you encounter a real FTP server in 2026, treat it as a legacy critical issue. Either upgrade to SFTP/FTPS or wrap it in a VPN. Never use plain FTP across the internet.

From Quiz: INTROL / Protocol Analysis | Updated: Jul 14, 2026