The File Transfer Protocol (FTP) is a standard network protocol used for transferring files between any two computers on a network.
The chance of a properly secured FTP server getting hacked is low, but the possibility is still there; no system is 100 percent secure.
On top of that, FTP has a couple of weaknesses.
By default, there is a provision that allows local commands to be executed in FTP servers built in Linux and Windows servers. A malicious user might be able to elevate privileges by exploiting this security flaw.
FTP is based on plain text. During login, the user name and password are sent across as plain text without encryption; this makes the protocol vulnerable to hackers who can use different tools to obtain these credentials.
Firewall Analyzer tracks FTP usage from the firewall syslog and provides a detailed traffic report on:
1. Top Host — Total host traffic sent and received using FTP.
2. Top Protocol — Top protocol group traffic sent and received using FTP.
3. Top Users — Top user traffic sent and received using FTP.
4. Top Rules — The top rules used to access FTP.
If either the host or the user shows unusual traffic, the security admin can investigate and secure that specific IP.