ANN: FTP Commander (the ftp browser Frank asked for...)

Alex Tweedly alex at
Tue Sep 7 18:58:27 EDT 2004

At 19:20 07/09/2004 -0300, Andre Garzia wrote:

>On Sep 7, 2004, at 6:58 PM, Alejandro Tejada wrote:
>>Could anyone (intentionaly) sniff the password
>>used to connect to a ftp server?
>I don't think so. Unless someone launch a bogus server and force a user to 
>log in.

Yes, they can sniff passwords. Standard FTP (rfc959) sends passwords in 
cleartext, so anyone with physical access to the network, and suitable 
packet-capture hardware can easily sniff the password.

See rfc 2577 for various other things that will scare you about using ftp :-)

-- Alex.

More information about the use-livecode mailing list