FTP -- File Transfer Protocol -- suffers from a vulnerability similar to telnet. Essentially, FTP is used to transfer files from one computer (such as a personal workstation) to a remote host (such as UMBC's gl server cluster). Like telnet, FTP broadcasts sensitive information in cleartext, meaning your username, password and (quite possibly) the contents of your transmitted files could be exposed during an FTP session to anyone between your computer and the destination server.
The cleartext problem with FTP can be effectively remedied by using an alternative, more secure protocol such as scp (Secure Copy). Scp, much like ssh, uses secure shell encryption to protect your information in transit.
Reply with quote