FTP, FTPS and FTPES
The File Transfer Protocol dates back to the early 1970s. At the time, the protocol was concerned purely with transferring files between a client and server. As with other tools, such as telnet, security wasn’t a concern.
Security is a major concern nowadays: sending your FTP username and password to a server in plain text is a really bad idea. Although plain FTP is still in use, most people nowadays use FTPES.
FTPS: implicit security
The first attempt to make FTP secure was FTPS. FTPS uses port 990 instead of port 21 to connect securely to a server. FTPS never became a hit, mainly because the FTP protocol doesn’t define the implicit negotiation used by FTPS. That is, FTP clients are supposed to negotiate the level of security with the server, but FTPS doesn’t do that: it implies the use of TLS. Like plain FTP, FTPS has fallen out of favour.
FTPES: explicit security
The method widely in use nowadays is FTPES. With FTPES (explicit FTPS) the client and server use port 21 to negotiate the level of security to be used. The client can ask the server to switch to an encrypted channel via the AUTH SSL or AUTH TLS command, and after the server has established a secure channel the client can securely send the user credentials.
Confusing lingo
The reason many people are confused about different FTP methods is that it is reasonable to assume that FTPS means secure FTP, in the same way that HTTPS is secure HTTP and IMAPS is secure IMAP. However, when people talk about FTPS they usually talk about FTPES. Here is a quick recap of the differences:
| Type | Port | Notes |
|---|---|---|
| FTP | 21 | Plain text communication between client and server. |
| FTPS | 990 | TLS implied (no negotiation between client and server) |
| FTPES | 21 | Level of security is negotiated between client and server |
What about SFTP?
SFTP is another protocol for transferring files. Other than that SFTP has nothing in common with FTP, FTPS and FTPES. SFTP is short for SSH File Transfer Protocol and is an extension of the SSH protocol. This implies that the client needs to have shell access in order to use SFTP. By default, it uses the SSH port (22).
Featured Blogs
The Importance Of Server Maintenance For Businesses
When you have a website, which all businesses should these days, it goes without saying that your server is essential. Simply put, your server will store, process and deliver your website to anyone who is visiting your URL. So, without your server, your website wouldn’t be ‘live’ or visible to anyone who is trying to …
Everything you need to know about ISO27001 managed servers and hosting
In today’s competitive marketplace for managed servers and hosting, it can be difficult to differentiate between providers and their service offerings. At catalyst2, we mark ourselves out in the managed IT services marketplace by our quality. By quality, we don’t just mean our ISPA awards and nominations, including winning the Best Customer Service Award and …
What is a private cloud?
A virtual private cloud provides a secure environment for a company’s shared resources, accessible only by the business and not from a third party. Businesses may use this for a variety of reasons, such as storing (and sharing) data, hosting websites, or running code. Regardless of how it’s used, using a virtual private cloud server …
What To Take Into Consideration When Choosing Your Virtual Server Hosting
In this digital day and age, having an online presence is more important than ever before and when they don’t have a website, businesses will be hindering their own success. In order to have a website that is ‘live’ and visible to anyone using the internet, you will require web hosting services and whilst there …
What are VPNs and why are they important?
Virtual private networks are essential tools for anyone who values their privacy and security online. Whether you want to prevent your ISP from looking at what you’re doing online or you want to ensure your connection is secure when using public Wi-Fi, VPNs have a lot to offer. What is a VPN? Usually, when a …
We’ve been shortlisted for two awards at the ISPA’s 23rd Annual Awards!
At catalyst2, we’re proud to put our customers and clients at the forefront of everything that we do. Our customer service levels are always a key consideration, regardless of the service we’re providing. As a result of our efforts, we’re proud to announce that we’ve been shortlisted for two awards at the 23rd Annual ISPA …
Encryption at rest: Its purpose and benefits/setbacks
In any organisation, the data held within your system is the most crucial and precious aspect of your business. Whether it be credit card information, transaction histories, or client intel, the data you hold is the core foundation of what your company runs on. This is why it must be safeguarded and protected with the …
What are the CIS Controls?
The CIS controls, previously known as the SANS Critical Security Controls, are a recommended set of actions developed by the Center for Internet Security to enable organisations to thwart the most pervasive cybersecurity threats they are likely to face. The latest version of these controls, version 8, reduces their number from 20 to 18 and …
Everything you need to know about Galera Cluster
Galera Cluster is a synchronous multi-master database cluster developed by Codership of Finland. This open-source software operates as a patch for MySQL and MariaDB and offers its own command-line interface. It provides a range of features including certification-based replication, which uses individual nodes to certify the replicated write set against other write sets. Database reads …
How To Utilise Tech Services To Enhance Your Firm’s Professionalism
In the twenty-first century, regardless of the industry that you find yourself in, the likelihood is that you are constantly fighting for the attention of your audience. With more-and-more firms popping up on a yearly basis, it is imperative that you take action to try and retain a professional reputation – this can help to …
What our clients say
We really rate catalyst2. We get a great response from the team… really happy with the service.