FTP vs. FTPS

March 2nd, 2014 by Rossy Guide

What is FTP?

FTP is an acronym for File Transfer Protocol. It is a standard network protocol used to transfer files from one host to another host over a TCP-based network, such as the Internet.

Using FTP, you can update (delete, rename, move, and copy) files at a server. You need to log on to an FTP server. However, publicly available files are easily accessed using anonymous FTP.

Basic FTP support is usually provided as part of a suite of programs that come with TCP/IP. However, any FTP client program with a graphical user interface usually must be downloaded from the company that makes it.

What is FTPS?

FTPS (also known as FTP-ES, FTP-SSL and FTP Secure) is an extension to the commonly used File Transfer Protocol (FTP) that adds support for the Transport Layer Security (TLS) and the Secure Sockets Layer (SSL) cryptographic protocols. FTPS should not be confused with the SSH File Transfer Protocol (SFTP), an incompatible secure file transfer subsystem for the Secure Shell (SSH) protocol. It is also different from Secure FTP, the practice of tunneling FTP through an SSH connection.

When establishing an SSL secure session, the following steps occur:

– Authenticate the server to the client.
– Allow the client and server to select the cryptographic algorithms, or ciphers, that they both support.
– Optionally authenticate the client to the server.
– Use public-key encryption techniques to generate shared secrets.

SSL is a commonly-used protocol for managing the security of a message transmission on the Internet. SSL uses the public-and-private key encryption system from RSA, which also includes the use of a digital certificate. The use of the digital certificate is the only difference between FTP and FTP/S. The FTP/S gateway supports standard FTP/S with clear control channel (CCC) enabled.
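As an added example (not code from the original post), the following Python client uses the standard ftplib module to perform explicit FTPS on port 21 with the server certificate verified, and reports which protocol version and cipher the handshake selected. The function names are illustrative, and the host, user name and password are placeholders supplied by the caller.

```python
import ssl
from ftplib import FTP_TLS


def make_ftps_context(ca_file=None):
    """TLS settings for the client side of the handshake steps listed above."""
    # Authenticate the server: the default context requires a valid
    # certificate chain and checks that the certificate matches the host name.
    ctx = ssl.create_default_context(cafile=ca_file)
    # Algorithm selection: refuse SSLv3, TLS 1.0 and TLS 1.1 during negotiation.
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    return ctx


def list_over_ftps(host, user, password, port=21, ca_file=None, timeout=15):
    """Log in with explicit FTPS; return negotiated parameters and a listing.

    host, user and password are placeholders provided by the caller.
    """
    with FTP_TLS(context=make_ftps_context(ca_file), timeout=timeout) as ftps:
        ftps.connect(host, port)
        ftps.auth()                   # AUTH TLS before any credential is sent
        tls_version = ftps.sock.version()
        cipher_name = ftps.sock.cipher()[0]
        ftps.login(user, password)    # USER/PASS now travel inside TLS
        ftps.prot_p()                 # PROT P: protect the data channel as well
        names = ftps.nlst()
    return {"tls": tls_version, "cipher": cipher_name, "files": names}
```

Without the `prot_p()` call the login is encrypted but directory listings and file contents still cross the network in clear text.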

Comparison

FTP

FTP classic

  • Plain FTP
  • Clear-text password sent over the network
  • Typically runs over TCP port 21
  • Defined by RFC 959 and 1123
  • Implemented in FTP/SSL component

FTPS

FTP over TLS/SSL

  • Often called ‘FTPS’
  • Often called ‘Secure FTP’
  • Plain FTP over TLS/SSL channel
  • Password is encrypted
  • Transfer is encrypted
  • Typically runs over TCP port 21 or 990
  • Defined by RFC 959, 1123, 4217 and 2228
  • Implemented in FTP/SSL component

Conclusion

SFTP and FTPS are both very secure with strong authentication options. In general, SFTP is technologically superior to FTPS. Since SFTP is much easier to port through firewalls, and FTPS for this reason (it needs a range of ports to be opened) poses additional security threats to the network, I believe SFTP is the clear winner in case you need a secure FTP for your application integration needs.

In our protocol evaluation, considering the above points, I feel we can go with SFTP for secured file transfer and can omit FTPS. FTPS is omitted not because it is not suitable, but because SFTP does the same things and is superior to FTPS in many ways. There are good reasons to support both FTPS and SFTP for secure file operations, and FTP for legacy devices. Organizations rarely have the option of supporting only one file transfer protocol, and solutions that support all 3 are commonplace today.

Data Protection Within a Business Environment

March 1st, 2014 by Rossy Guide

Millions of businesses

Thousands of businesses lose millions of dollars worth of data to fire, power outages, theft, equipment failure, and even simple operator mistakes.  Studies show that nearly half the companies that lose their data in a disaster never reopen.  Ninety percent of these data losses occur because of power failures, lightning, user mistakes, and other hardware and software failures. Contact us today about data protection.

Most business owners would be appalled if they knew the risk they are taking by failing to properly back up their data.  It’s more important than ever to protect the data your business depends on with a solid backup strategy.  That’s where we can help. We provide a secure, automatic and inexpensive solution that can make sure your critical data is fully protected.

Important information

Rules that apply to all businesses

– All personal information must be used for limited purposes and not used in any way that is incompatible with those purposes.
– The information must be the minimum that is required to deliver the service.
– The information is accurate.
– The information is secure.
– You should not keep the information for longer than is necessary.
– The information must not be transferred to other countries that do not have adequate data protection laws.

Keeping information secure

Whenever you collect information about an individual you are automatically obligated to ensure that the information remains secure. If you are storing information electronically then you must ensure the systems which you utilize to do this are safe and secure. You should also ensure that once the information is no longer needed to deliver the service to the customer the information is erased or destroyed.

The customer’s rights

If you hold personal information about an individual or business, then they have a right to request a copy of all the information you hold about them. You may charge the customer up to £10 as an administration fee for providing this information. This is known as a ‘Subject Access Request’ and must be made in writing by the customer. The information must be presented to the customer in a clear, legible format and delivered within 40 days of the request being made.

Privacy Statements

A privacy statement is a written notice that is made available to all users of your service and clearly defines how personal information will be collected, stored, utilized and disposed of.

Risks

Good health and safety practice makes sound business sense. You can:

– Protect your workers from the suffering caused by accidents
– Reduce employee absences and sick leave
– Potentially reduce your insurance premium
– Protect your business against the unforeseeable
– Maintain your organization’s reputation

Security

Securing your business’s data is not easy, and it takes expertise. Here are eight simple things you can do to protect your business data:

– Conduct a security audit
– Make staff aware of the important role they play in security
– Use strong and multiple passwords
– Encrypt your data
– Back up
– Have security policies
– Protect your mobile work force
– Implement a multiple-security-technology solution.

Remote Access To Windows Server

April 11th, 2010 by Laz Hart

Routing and Remote Access, also known as RRAS in the Windows Server family, is well known to system administrators for its reliability and productivity enhancement. Some of the most commonly used features are the dial-up remote server access, virtual private network (VPN) remote access server, Internet Protocol (IP) router for connecting subnets of a private network, network address translator (NAT) for connecting a private network to the Internet, and the dial-up and VPN site-to-site demand-dial router.

Inside RAS
One of the most useful services is network address translation, or NAT, which gives a small home network or a corporate network the ability to connect to the Internet. Firewalls and surf filter programs restrict ports and addresses and make it possible to browse the web safely. The IP router service enables connections across networks through other secondary networks and gateways.

In the past decade, dial-up connection was a popular method of internet access and people connected using a telephone line and modem using a preassigned user name. Today most businesses and even home users use the more reliable VPN connection, which provides windows remote access and secure data transfer.

All of these features are available together as one single RRAS in the Windows family, and enable us to build, manage and access the Internet, giving the system administrator a variety of choices.

Guide to Windows Batch FTP

March 27th, 2010 by Nick Cruise

In order to access Windows’ MS-DOS (Microsoft disk operating system) batch FTP, you need to first go to a DOS prompt, type FTP, and then hit enter. Once you’ve executed the program, then congratulations! You’ve just discovered the Windows-incorporated command-line FTP application that ships together with Windows NT or 95 and beyond. You can use this DOS-based FTP just like any other FTP client, except this time around, you need to at least have a basic understanding of how the old standard of MS-DOS works.

Scripting using FTP
FTP scripting is a relatively easy task. All you need to do is make a text document using FTP commands and use it to make your DOS-based FTP program do whatever you want without you manually entering each and every last command you need. For example, your script may contain the following commands:

open ftp.domain.com
mikesmith
t3n4y488
cd public_html
dir
get file.txt
bye

In order to execute the script if it were named “filetxtget.txt”, you should type:

ftp -s:filetxtget.txt

This script will help you log in to the FTP site ftp.domain.com. Instead of waiting for a prompt for a username and password, the script itself will handle the details of your connection; you just need to replace “mikesmith” with your username and “t3n4y488” with your password.

After you’ve logged in, the script will immediately access the public_html directory, retrieve a directory listing, and then utilize the “get” command to recover the file named file.txt. As soon as the file has been downloaded, the script will automatically log you off with the “bye” command. It’s that simple. At any rate, if you find Windows FTP’s scripting options sparse and limiting, consider using WinSCP.
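A script like the one above keeps the account password in a plain text file, so anyone who can read the file can read the password. As an added example (not part of the original post), this Python check finds where such scripts embed credentials so the files can be locked down or the passwords rotated; it reports the line number and account but never echoes the password. The function name, the finding labels and the second sample script are constructed for illustration.

```python
from collections import namedtuple

Finding = namedtuple("Finding", "line kind host user")

# Words that start an ftp.exe command; a line beginning with one of these is
# treated as a command, not as a reply to the User/Password prompts.
FTP_COMMANDS = {
    "open", "user", "cd", "lcd", "dir", "ls", "get", "mget", "put", "mput",
    "binary", "ascii", "prompt", "hash", "quote", "literal", "delete",
    "mdelete", "rename", "mkdir", "rmdir", "pwd", "bye", "quit", "close",
    "disconnect", "append", "send", "recv", "status", "verbose", "debug",
}


def find_embedded_credentials(script_text):
    """Locate passwords stored in an ftp -s: script without echoing them."""
    lines = [ln.strip() for ln in script_text.splitlines()]
    findings, host, quoted_user, i = [], None, None, 0
    while i < len(lines):
        parts = lines[i].split()
        cmd = parts[0].lower() if parts else ""
        if cmd == "open" and len(parts) >= 2:
            host = parts[1]
            replies = lines[i + 1:i + 3]
            # Auto-login: the two lines after "open" answer the prompts.
            if (len(replies) == 2 and all(replies)
                    and replies[0].split()[0].lower() not in FTP_COMMANDS):
                findings.append(Finding(i + 3, "prompt-reply", host, replies[0]))
                i += 3
                continue
        elif cmd == "user" and len(parts) >= 3:
            # "user name password" form, used when auto-login is off (-n).
            findings.append(Finding(i + 1, "user-command", host, parts[1]))
        elif cmd in ("quote", "literal") and len(parts) >= 3:
            if parts[1].upper() == "USER":
                quoted_user = parts[2]
            elif parts[1].upper() == "PASS":
                findings.append(Finding(i + 1, "raw-pass", host, quoted_user))
        i += 1
    return findings


# Constructed samples: the first is the script from the post above.
AUTO_LOGIN_SCRIPT = """open ftp.domain.com
mikesmith
t3n4y488
cd public_html
dir
get file.txt
bye
"""

NO_AUTO_LOGIN_SCRIPT = """open ftp.example.com
user backup constructed-password
binary
put dump.zip
bye
"""

if __name__ == "__main__":
    for name, text in (("auto-login", AUTO_LOGIN_SCRIPT),
                       ("-n style", NO_AUTO_LOGIN_SCRIPT)):
        for f in find_embedded_credentials(text):
            print(f"{name}: password on line {f.line} ({f.kind}) "
                  f"for {f.user}@{f.host}")
```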

Command Line Options for FTP
FTP has the following command-line options: “-v” represents the command that holds back the display of remote server responses. Meanwhile, “-d” activates the debugging feature, while “-i” deactivates interactive prompting whenever you’re doing numerous file transfers. Meanwhile, the “-s:filename” command (wherein “filename” represents the text file script you made) will automatically execute whatever commands are specified within your FTP script file after FTP starts.

Moreover, you shouldn’t confuse “-a” with “-A”. The lower case “-a” refers to the use of any local interface when you’re binding a data connection. In contrast, “-A” allows you to login to your FTP server anonymously. Furthermore, “-n” refers to auto-login suppression once an initial connection has been established, while “-w:buffer” refers to the override command for the default transfer buffer size of 4096. Finally, the “host” command allows you to know the IP address or host name of the remote host you’re connecting to.

Local FTP Commands
The local FTP commands you can use include the following: rmdir, open, lcd, close, rename, mput, help, cd, remotehelp, mls, hash, bye, verbose, recv, mkdir, glob, binary, user, quote, mget, get, bell, type, quit, mdir, disconnect, ascii, trace, pwd, mdelete, dir, append, status, put, ls, debug, ?, !, send, prompt, literal, and delete.

For many an administrator, having a built-in FTP program available on most DOS-based Windows operating systems is a very useful advantage. Unfortunately, it could also alienate modern PC enthusiasts because of their unfamiliarity with the old platform. Using FTP is hard enough as is, so adding the factor of it being in MS-DOS can make things a lot more complicated than they should be. Nevertheless, by educating yourself with basic FTP commands and streamlining the process with an FTP script, you should be able to use the program much more easily and quickly.

Secure File Transfer With SFTP

March 22nd, 2010 by Laz Hart

SFTP-based secure file transfer, also known as the SSH File Transfer Protocol, is one of the most used secure network protocols that provide reliable file access, transfer and management. The main idea of using Windows SFTP is that you are able to run it over a secured channel. The server also authenticates the client securely.

Setting up SFTP
The first step in setting up an SFTP service under Windows is to download and install an SSH or SFTP server program for Windows like Sysax Multi Server. You also need to have an SFTP client component installed to be able to communicate with the SFTP server. You should then create user accounts and passwords. Under Windows, most SSH server software provides access to a graphical user interface. Under Unix systems, the mkgroup and mkpasswd commands can be used to create user accounts.

The use of a user group makes it very easy to manage a number of similar users. You will also need to specify a home folder for the account. This is the folder that the user will be placed in by default once they login successfully. The standard SFTP port is 22 but this can be changed to provide more security against port scans.

FTP vs SFTP
The main difference between an FTP server and an SFTP server is that in FTP, all data transferred between the client and server is sent as plain text without any form of encryption. This makes it possible for an eavesdropper to listen in and retrieve confidential details including login and password information. However, with SFTP, all of this data is encrypted before it is sent across the network and there is no possibility of decrypting and retrieving this information.

File transfer in the Windows server family

March 21st, 2010 by Laz Hart

The story of File Transfer as an IETF RFC standard started in the year 1971 and after that it took over 20 years to become what it is right now. The last version of the FTP protocol was code named RFC 959 and was developed in the year 1985 and it is still the same service, with minor changes in specifications.

IIS FTP Service
The main idea of the IIS FTP service in the Windows Server family is to have a reliable place where you can store all needed information for your business, personal use and so on. The main Windows platform we will use as an example is Server 2003. In this OS, we have the option to install the integrated pack for using the FTP service. Of course it is up to each customer, or just a single user, to have any other software solutions, but my experience with the built-in services in the Windows family will help me explain the integrated service to you in more detail.

First of all in the Server, you will have to select the IIS or internet information service that you can add to host a FTP server on the local machine. It’s important to have the IIS turned on, because it also provides a GUI of the FTP service, which is very user friendly and much easier to use.

Setting up IIS FTP Server
The first step is to add the service by installing it using the Add/Remove section in the Control Panel. Then, you have to add various user accounts to the service. The most important parts of the FTP setup are the following steps. After the installation you will be able to assign an IP in order to use it. If the IP is internal, for example 192.168.xxx.xxx, you will also be able to use it locally, but keep in mind that you are probably behind a router and will have to prepare the router to accept and allow FTP connections on port 21.

The second step is to add an exception in the Windows firewall for port 21. This means that you will be able to use the FTP service over the net. Without this step, you can only access the service locally. The next step is to add the directory that will be the root directory; the local users’ directories will be stored under it. You will also need to set up these directories and assign user rights to each of them. The user can use several programs to access the FTP server. They are supposed to have a user name and password already granted by the server’s admin, and they can use an FTP client in passive or active mode. The user information can be stored over the network or locally using the File Transfer Protocol in the Windows OS server family. However, keep in mind that FTP itself is not too secure as a service and most modern system administrators may need to switch to SFTP, which is more secure.

Windows FTP Security Tips and Tricks

March 19th, 2010 by Nick Cruise

The file transfer protocol (FTP) is one of the most popular and oldest services used with the Internet to date. In particular, the Windows format itself enjoys this simple and reliable method of transferring files over a network as part of IIS (Internet Information Service) 5.0 and beyond (the latest of which is IIS 7.5 for Windows 7 and Windows Server 2008).

Whether you want to use Windows FTP as a standalone service or combine it with a number of other Windows resources, this classic network tool empowers administrators with a multitude of options that’ll help make file transfer a lot more secure and dependable. Here are several basic yet sound recommendations using options native to Windows operating systems that can be employed to secure FTP operations.

Disable Anonymous Access
Anonymous access is typically enabled by default whenever you first install FTP services to your Windows OS. To put it simply, this option allows most anyone to access your FTP site without needing a user account. Although there are some customer-based businesses that can benefit from this default configuration, most other organizations view this setting as a way for hijackers to easily gain unauthorized access of their FTP site to the point that it’ll be used to house copyrighted material and illegal files for their own personal gain.

Removing the default anonymous access configuration is the very first thing you must do to ensure your FTP security. By doing so, you’ll be able to restrict and control access to your FTP site by only admitting the successful authentications of an approved user account. Meanwhile, your access control list (ACL) handles the configurations of your access controls as described on the FTP home directory using NTFS permissions. To restrict anonymous access, just go to the security accounts tab of your FTP site’s properties page and clear the Allow Anonymous Connections box.

Enable Logging
By opting to enable the logging option on your FTP server, you can guarantee that you’ll have precise and accurate logs of which users and IP addresses have attempted to access, and have successfully accessed, your site. Regularly maintaining the sound practice of routinely reviewing your records can allow you to identify any security threats or breaches and examine your traffic patterns for posterity’s sake.

To configure your FTP site so that it can enable logging, you should go to the properties page of your site, find the FTP Site tab, and then select the Enable Logging box. Once you do this, the logs will be made in a format of your choice and can be accessed later on for analysis and examination of access controls and/or traffic patterns.
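As an added example of the log review described above (not part of the original post), the Python code below reads an FTP log in W3C extended format and reports client addresses with repeated failed logins, logins that succeed after a run of failures, and anonymous logins. The log lines are constructed and the column set is an assumption; the parser takes its columns from the log's own `#Fields:` line, and 530 and 230 are the standard FTP reply codes for a rejected and an accepted login.

```python
from collections import defaultdict

# Constructed sample in W3C extended format. The column set is an assumption;
# the parser uses whatever the "#Fields:" line of the real log declares.
SAMPLE_LOG = """\
#Fields: date time c-ip cs-method cs-uri-stem sc-status
2010-03-19 02:10:01 203.0.113.7 USER admin 331
2010-03-19 02:10:02 203.0.113.7 PASS - 530
2010-03-19 02:10:04 203.0.113.7 USER admin 331
2010-03-19 02:10:05 203.0.113.7 PASS - 530
2010-03-19 02:10:07 203.0.113.7 USER admin 331
2010-03-19 02:10:08 203.0.113.7 PASS - 530
2010-03-19 02:10:10 203.0.113.7 USER admin 331
2010-03-19 02:10:11 203.0.113.7 PASS - 230
2010-03-19 08:30:00 192.0.2.15 USER mikesmith 331
2010-03-19 08:30:01 192.0.2.15 PASS - 530
2010-03-19 08:30:09 192.0.2.15 USER mikesmith 331
2010-03-19 08:30:10 192.0.2.15 PASS - 230
2010-03-19 09:00:00 198.51.100.20 USER anonymous 331
2010-03-19 09:00:01 198.51.100.20 PASS - 230
"""


def parse_w3c(text):
    """Yield one dict per log entry, keyed by the names in '#Fields:'."""
    fields = []
    for line in text.splitlines():
        line = line.strip()
        if not line:
            continue
        if line.startswith("#"):
            if line.startswith("#Fields:"):
                fields = line[len("#Fields:"):].split()
            continue
        values = line.split()
        if len(values) != len(fields):
            continue  # malformed or truncated entry: skip rather than guess
        yield dict(zip(fields, values))


def review_logins(text, threshold=3):
    """Summarise login outcomes per client IP.

    The user name is taken from the most recent USER command seen from the
    same IP, which is approximate when several sessions share one address.
    """
    failures = defaultdict(int)
    last_user = {}
    report = {"bruteforce": [], "success_after_failures": [], "anonymous": []}
    for rec in parse_w3c(text):
        ip = rec.get("c-ip", "-")
        method = rec.get("cs-method", "").upper()
        status = rec.get("sc-status", "")
        if method == "USER":
            last_user[ip] = rec.get("cs-uri-stem", "-")
        elif method == "PASS" and status == "530":      # login rejected
            failures[ip] += 1
        elif method == "PASS" and status == "230":      # login accepted
            user = last_user.get(ip, "-")
            if user.lower() in ("anonymous", "ftp"):
                report["anonymous"].append(ip)
            if failures[ip] >= threshold:
                report["success_after_failures"].append((ip, user))
    report["bruteforce"] = sorted(
        ip for ip, count in failures.items() if count >= threshold)
    return report


if __name__ == "__main__":
    for category, hits in review_logins(SAMPLE_LOG).items():
        print(category, hits)
```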

Harden Your ACLs
By using strict ACL restrictions across NTFS permissions, you’ll be able to regulate, control, and safeguard access to your FTP directory. This cannot be emphasized enough; making sure that your FTP directory doesn’t allow most anyone who bothers to access your FTP to have full rights is of the utmost importance to you as an FTP site administrator. Allowing such a circumstance to happen is just asking for trouble, especially since it will be extremely hard for you to control your workgroups this way.

Restricting your workgroups to Read, Write, and List only (i.e., the option where the Execute action is forbidden) is par for the course, but in case of a blind put setting, you should also disallow Read and List and only enable Write access on your directory for optimum security and maximum control over the users accessing your FTP site.

File transfer in a global workspace

March 14th, 2010 by Jim Elston

Using file transfer in business
In this modern age of information technology, file transfer between multiple sites is commonplace. Businesses are often spread across multiple sites or required to supply files to clients and suppliers in many different formats and locations. File transfer protocol, or FTP, is still common, and often businesses have a presence in FTP that allows them to send and receive files easily.

This is a method that works well in the majority of cases and, putting aside the security problems associated with it, it is a good alternative to email when message limits exist in many corporate environments (large email solutions exist, but these are often with third parties such as mailbigfile.com). One of the downsides of file transfer starts being apparent over long distances – FTP bandwidth starts to suffer over these distances due to the nature of the TCP protocol that FTP sits on top of. This often creates the feeling of FTP latency and an increase in the bandwidth for the FTP application.

TCP is optimised for accuracy in its data stream rather than getting the data to its destination in a timely manner. This often creates long delays (up to seconds) while the stack is waiting for out-of-order messages or retransmission of lost messages or packets. TCP reacts to out-of-order or lost messages by reducing the transmission window size, which increases the latency by only allowing a few messages to be sent at any one time until they are acknowledged by their destination.

Increasing FTP Bandwidth
As bandwidth becomes ever cheaper, businesses are starting to notice they are not getting the best performance out of their FTP bandwidth and an alternative solution is required. In large digital agencies, where getting content and files across the globe needs to be accomplished as soon as possible, the latency that comes with FTP and other TCP-based file transfer solutions is not acceptable.

For a few years now, applications have started to appear on the market that take advantage of TCP’s alternative, known as UDP. This protocol does not worry about reliability or the order in which the messages arrive at their destination. This means that businesses are able to fully utilise their file transfer bandwidth. This in itself, however, raises other issues. The most prominent is the order in which the messages arrive and how to handle lost data; this is often resolved in the application layer and requires the application to request lost packets or reorder packets that have arrived in the wrong order. This creates an extra overhead on CPU and machine performance, but it has little effect given today’s computing power and is one that is acceptable in most scenarios to achieve the best FTP bandwidth and reduce FTP latency.

Setting Up A Windows SFTP Server

March 12th, 2010 by Nick Cruise

A Windows-based business development system should function a lot more effectively if it were to have a Windows SFTP server (also known as Secure Shell File Transfer Protocol) installed. In particular, a secure FTP server is a convenient program to have because it lets you login to other computers via a network connection and execute commands on a remote machine, which should translate to a more efficient work development system because you can continue your work so long as you have a computer and an SSH program on hand.

What’s more, a Windows SSH server is a huge improvement from the traditional FTP application because the SSH component ensures that your whole login session (which includes password transmission) is encrypted and safe from the malicious clutches of cyber criminals. At any rate, this tutorial should help you transform your Windows platform into a reliable file transfer server.

Installing Sysax Multi Server on Windows
SSH is usually preinstalled in most Unix-based systems like OS X and Linux. In contrast, a Windows system needs to first download several additional programs in order to make SSH a viable option for Windows-based use. Fortunately, the Sysax Multi Server on Windows offers a handy Windows installer that will install and setup an SSH server into your system without manually searching for plugins, patches, and a variety of individual files on the Internet.

The Sysax Multi Server is a multipurpose application that lets system administrators validate and confirm users by creating custom accounts or by using existing Windows user accounts or by doing a combination of both methods. Once you have this SFTP server suite installed, streamlining your work development system is a relative snap. Moreover, its web-browser-based interface is a particularly welcome feature that lets you monitor server status instantly without any problem whatsoever.

Configuring Sysax Multi Server on Windows
Locally or remotely configuring your Sysax Multi Server is a breeze because you can use a web browser to do both. You just need to keep in mind that local administration requires HTTP, while remote administration requires HTTPS. As per usual, validating your access to the browser-based configuration interface requires the specification of a username and password.

As for the server startup configuration, you need to open the Sysax Multi Server administration application and pick the two options on the automatic startup screen. You can either start the server manually from the administrator panel or automatically after booting Windows. Choose the startup method you want and click “Save” to finish the entire procedure.

Connecting to your SFTP Server
In order to connect to your new SFTP server, getting an FTP client is in order. FileZilla and WinSCP are highly recommended programs to use alongside Sysax Multi Server because they’re shareware and they support both SFTP and FTP clients. If you want to check to see if your server is running properly, make a new connection in your designated client and specify 127.0.0.1 or localhost as the server name, 22 as the port, and SFTP as the server type. From there, connect to your server.

You should see a directory listing where you directed the home folder to if the entire operation executed with nary a hitch. If you encountered an error or if the procedure didn’t work, there are several ways to troubleshoot the problem. Firstly, ensure that your Windows firewall is configured to enable traffic over port 22. Secondly, examine your password file to guarantee that the account you have is found there.

Windows FTP Information And Help

March 9th, 2010 by Nick Cruise

Easy remote host connection was arguably started with the invention of the File Transfer Protocol (FTP), and it’s such an effective program that many administrators still use this application for their work development systems to this day. At any rate, for those who aren’t used to the command-line nature of old-school Windows FTP found on Windows 95 or NT, this guide should help quite a bit in enumerating the commands you need to use and what they’re used for.

About FTP
FTP refers to a type of protocol that’s used by a whole collection of computer applications that handle data or file transfer from one PC to another. It’s a term that came from the Massachusetts Institute of Technology (MIT) back in the early seventies when mainframes and time-sharing were prevalent and personal computing hadn’t become part of the mainstream yet.

The foremost objective of FTP is to guarantee that the file transfer process is as simple and fast as possible regardless of how slow your Internet connection is in order to reduce the problems a user usually faces when it comes to handling the complex sequence of events needed to accomplish this operation. In any case, this article has a lot of practical information and content concerning the FTP command that’s built-in with both MS-DOS (Windows) and Unix.

Windows FTP
Nowadays, FTP clients come in the form of intuitive Windows programs; but if for some reason you’d rather access your FTP server without using such software, the built-in FTP command found in MS-DOS-based Windows operating systems will suffice. This Windows FTP is accessible from the MS-DOS prompt. You just need to type “open ftp.address.domain” in the command line (wherein “domain” is the domain name that usually ends in “.com” or “.net”, and “address” is the name of the server) in order to access this application.

You can also type in IP addresses (e.g., “255.255.255.0”) in order to open your FTP server immediately because they can serve as substitutes to your server’s domain name and address. After connecting successfully to your server, it will prompt you for your username and password; from there, you should have no problem accessing and transferring files between your local computer and remote computer.

FTP Commands
The commands used for console FTP are quite numerous, so we’ll only cover the more significant ones for the sake of brevity. If you want to learn more about FTP commands, feel free to research them on the Internet or test them out on your own. At any rate, depending on which version of FTP you have, the following commands may or may not work for you; in order to check which commands are available on your FTP, just type “help” or “?” to bring forth a list of available commands.

First off, “!” allows you to toggle back and forth between your operating system and FTP. Meanwhile, typing “exit” on the operating system should bring you back to the FTP command line. As already mentioned, “?” or “help” lets you access the help screen as well as a list of available commands. Meanwhile, “abor” refers to abort transfer, “cd” enables you to change directories, “delete” helps you remove a file, “debug” activates and deactivates the debugging mode, “cwd” changes the working directory on a remote system, “cdup” changes the parent directory on a remote system, “binary” enables the binary transfer mode, and “bye” allows you to exit from the FTP command line.