1 Project Overview
File Transfer Protocol (FTP) is a widely used method for transferring files between systems, but it comes with inherent security risks due to its plaintext transmission. This project aims to demonstrate these vulnerabilities by setting up an FTP server, intercepting credentials, and exploiting weaknesses. Following this, we will implement Secure File Transfer Protocol (SFTP) to showcase a secure alternative with encrypted communication.
2 Objectives
- Set up an FTP server and create a user for file transfers.
- Demonstrate FTP vulnerabilities by capturing plaintext credentials.
- Exploit FTP weaknesses by modifying FTP traffic in transit.
- Implement SFTP to mitigate security risks and ensure encrypted data transmission.
- Compare FTP and SFTP in terms of security and effectiveness.
- Operating System: Linux (Ubuntu, Kali Linux)
- FTP Server: vsftpd (Very Secure FTP Daemon)
- Network Monitoring: Wireshark
- Secure File Transfer: OpenSSH for SFTP configuration
- Pentesting: Ettercap