Computer security is the protection that is set up for computer systems and keeps critical information from unauthorized access, theft, or misuse. There are various practices in place that are widely in use, mainly for the protection of computer systems, networks and preventing potential malicious activities. While computer hardware is secured in the same way that sensitive equipment such as lockers and doors are protected, critical information and system access and authorization, on the other hand, are protected through complex security tactics and practices.
File Transfer Protocol (FTP) and Secure FTP (SFTP) are among the most widely used methods for file sharing. Part of the appeal is that they are simple to use and often free or very inexpensive. Typically, organizations get started with FTP because they have an occasional need to send non-sensitive files. The technology works well in these situations, but when used more broadly it can put your business at risk.
Pros and Cons of Filezilla FTP in case of Secured Enterprise file Transfer.pptx
1. Pros and Cons of Filezilla FTP in
case of Secured Enterprise file
Transfer
Prepared by: Anbesa Jima
2. Introduction
• Computer security is the protection that is set up for computer
systems and keeps critical information from unauthorized access,
theft, or misuse. There are various practices in place that are widely
in use, mainly for the protection of computer systems, networks
and preventing potential malicious activities. While computer
hardware is secured in the same way that sensitive equipment such
as lockers and doors are protected, critical information and system
access and authorization, on the other hand, are protected through
complex security tactics and practices.
• File Transfer Protocol (FTP) and Secure FTP (SFTP) are among the
most widely used methods for file sharing. Part of the appeal is that
they are simple to use and often free or very inexpensive. Typically,
organizations get started with FTP because they have an occasional
need to send non-sensitive files. The technology works well in these
situations, but when used more broadly it can put your business at
risk.
3. • Recent research reveals that more than 400
million files from FTP servers are publicly
available online. Critical data needs to remain
secure and under your control, but FTP was not
designed with secure file transfer in mind and
SFTP lacks security controls to handle today’s
cyber threats
• Computer Security is the protection of computing
systems and the data that they store or access.
• Cyber Security is a set of principles and practices
designed to safeguard your computing assets and
online information against threats.
4. Filezilla FTP
• FTP stands for file transfer protocol; here this article
gives information about the advantages and
disadvantages of File zilla FTP to know more details
about it.
• Before you can determine if FTP is the best way for
your business to transfer data, you need to know what
the drawbacks of using this protocol are. Let’s explore a
few.
• FTP is inherently an non-secure way to transfer data.
When a file is sent using this protocol, the data,
username, and password are all shared in plain text,
which means a hacker can access this information with
little to no effort.
5. What is the issue?
• FileZilla users observed the “complete” FileZilla installer creating an
unidentified process which spawns multiple command line prompts
that append dat files (a generic data file) together.
• Many programs create, open, or reference dat files. These files may
contain data in binary or text format, and typically they are
accessed only by the application that created them. While using
FileZilla, users observed a process that reaches out to random,
unrelated IP Addresses over TCP/80. This can be an indication of
malicious behavior, such as command and control traffic.
• Certain versions of FileZilla Server contain vulnerabilities in their
distribution of OpenSSL. An attacker could launch Denial-of-Service
attacks via multiple attack vectors or use the vulnerable SSL
distribution to cause a buffer overflow and potentially execute
arbitrary code.
• Another issue is for large enterprise or governmental office when
use plan to use filezilla and allowed the ports the attackers follow
that tunnels and gets to your networks.
6. How does the malware get installed on your
computer?
• A pop-up link will alert the user that their FileZilla
application is out-of-date and will direct the user
to the website for filezilla-project.org. The
download from this link delivers a malicious
bundle installation wrapper, a program used to
execute one or more installation program. The
wrapper contains malware such as fusioncore,
installcore, Eldorado, PUP, and PUA. Many of
these may not be detected by anti-virus software.
7. Advantages of Filezilla FTP:
• FTP easily facilitates those large transfers,
• FileZilla provides an easy-to-understand application for
non-IT users
• Moving files between internal servers are very easy with
FileZilla, particularly between Linux and Windows servers.
• FTP is used to allows you to transfer multiple files
• Many more FTP clients also have the ability to schedule a
transfer
• The ability to add items to a queue to be uploaded as well
as downloaded
• The ability to resume a transfer if the connection is totally
lost
8. Disadvantages of Filezilla FTP:
• FTP is vulnerable to brute force attacks,
• Any user with the FTP credentials will have access to everything on the FTP server
• Audit trails aren’t an option with FTP, making it difficult to track down the source of a leak or
monitor project progress.
• Uploading and downloading many files can sometimes be slow. An estimated time of
completion could help make the transition more enduring.
• Sometimes it can be tricky to find out where your file went.
• The application crashes from time to time, causing you to have to start over.
• The editing and viewing feature in FileZilla is not as user-friendly as some other applications.
Editing sometimes requires downloading a file and editing it, and then re-applying the file.
• Placing and saving encryption keys can sometimes be difficult for non-expert users. FileZilla-
driven prompts to assist in this would be helpful.
• Once you delete an item, it is gone forever.
• Updates might be released more often
• Usernames, password, and files are sent in clear text
• Servers can be spoofed to send data to a random port on an unintended computer side
• Filtering active FTP connection is too much difficulty on your local machine
• TLS 1.2 not always supported over https
• X-Force Vulnerability Report FileZilla privilege escalation (1)
• CVE-2019-5429
9. • Filezilla-cve20195429-priv-esc (160288) reported Apr 29, 2019
• FileZilla could allow a local authenticated attacker to gain elevated privileges on the system, caused by an
untrusted search path flaw in home directory. By inserting a malicious 'fzsftp' binary in the path, an attacker could
exploit this vulnerability to execute arbitrary code with SYSTEM privileges
• Confidentiality Impact
• High
• Integrity Impact
• High
• Availability Impact
• High
• Filezilla-local search-dos (157750) reported Mar 1, 2019
• FileZilla is vulnerable to a denial of service. By sending specially-crafted input to the 'Local search' field, a local
attacker could exploit this vulnerability to cause the application to crash.
• Filezilla-addbookmark-dos (151058) reported Oct 10, 2018
• FileZilla is vulnerable to a denial of service, caused by improper input validation of bookmark name. By sending an
overly long argument to the Bookmarks field, a remote attacker could exploit this vulnerability to cause the
application to crash.
• Filezilla-ftpclient-unquotedpath-priv-esc (113140) reported May 11, 2016
• FileZilla FTP Client could allow a local attacker to gain elevated privileges on the system, caused by an unquoted
search path in the C:Program FilesFileZilla FTP Clientuninstall.exe. By inserting code in the system root path, an
attacker could exploit this vulnerability to execute arbitrary code with root privileges.
Confidentiality Impact
• High
Integrity Impact
• High
Availability Impact
• High
10. • Filezilla vulnerabilities and exploits (2)
• Multiple buffer overflows in FileZilla before 2.2.30a allow remote attackers to execute arbitrary
code or cause a denial of service (application crash) via unspecified vectors related to (1)
Options.cpp when storing settings in the registry, and (2) the transfer queue...
• Format string vulnerability in the LogMessage function in FileZilla before 3.0.0-beta5 allows remote
attackers to cause a denial of service (application crash) and possibly execute arbitrary code via
crafted arguments. NOTE: some of these details are obtained from third party...
• Buffer overflow in FileZilla prior to 2.2.23 allows remote malicious users to execute arbitrary
commands via unknown attack vectors.
• FileZilla 2.2.14b and 2.2.15, and possibly earlier versions, when "Use secure mode" is disabled, uses
a weak encryption scheme to store the user's password in the configuration settings file, which
allows local users to obtain sensitive information. NOTE: the vendor has disputed the issue, stating
that "the problem is not vulnerability at all, but in fact a fundamental issue of every single program
that can store passwords transparently."
• Multiple format string vulnerabilities in FileZilla prior to 2.2.32 allow remote malicious users to
execute arbitrary code via format string specifies in (1) FTP server responses or (2) data sent by an
FTP server. NOTE: some of these details are obtained from third party information.
• Untrusted search path in FileZilla prior to 3.41.0-rc1 allows a malicious user to gain privileges via a
malicious 'fzsftp' binary in the user's home directory.
11. What can you do to protect yourself?
• FTP was not built to be secure. It is generally considered to be an
insecure protocol because it relies on clear-text usernames and
passwords for authentication and does not use encryption. Data
sent via FTP is vulnerable to sniffing, spoofing, and brute force
attacks, among other basic attack methods.
• To protect yourself against this riskware and sensitive information
don’t use FileZilla.
• To transfer protected information, use locally developed web based
file transfer software
• For user data exchange, consider cloud-based storage-as-a-service.
• When downloading applications and software from the Internet,
always save them to a file and run antivirus software against them
before execution to ensure they are free of any malware.
12. • Why is Computer Security Important?
• Computer Security allows the Enterprise to carry out its mission by:
• Supporting critical business processes
• Protecting personal and sensitive information
• Enabling people to carry out their jobs,
• What are the consequences for security violations?
• Risk to security and integrity of personal or confidential information e.g.
identity theft, data corruption or destruction;
• Lack of availability of critical information in an emergency, etc.
• Loss of valuable business information
• Loss of employee and public trust, embarrassment,
• Costly reporting requirements in the case of a compromise of certain
types of personal, financial and health information
13. Recommendation
• It is advised to transfer protected information,
use locally developed web based file transfer
software for sensitive files.
• Browser-based file sharing- Remote working and
collaborative efforts are the norm now, so teams
need a file-sharing option that provides file
version control, real-time file syncing, easy
remote access from any device, and effective
communication tools.
•