Access Keys:
Skip to content (Access Key - 0)
Kandmtech LLC


 443-919-5458

sales@kandmtech.com
 


Over the years the users of the internet have been becoming more educated on the highly technological aspects of the internet and its protocols. As with most new advances, after a while the complex and obscure knowledge becomes common knowledge to the communities. When complex and obscure knowledge becomes common knowledge needs develop to come up with better ways to secure system (e.g. servers, computers, and networks). When in the past we could rely on the fact that most users did not understand or know how to compromise protocols such as file transfers. Now we have to worry about these old arcane protocols which used clear plain text over the internet for passing usernames, passwords, or files.
Keeping the files on your internet in top working order and keeping your e-business alive seems to require moving files around endlessly to keep things organized. System and network administrators use File Transfer Protocol (FTP) to update DNS zone maps, update web sites, transfer user data, move around database files, and endless other chores to keep file systems and hard drives tidy. Moving files from here to there is the heartbeat of the Internet. The nice thing about FTP is that it allows you to move files easily between systems that use similar or different operating systems, file structures, and character sets.

FTP has been defined and redefined numerous times by the Internet Engineering Task Force (IETF) in a series of standards documents known as RFCs. (RFC stands for Request for Comments). Today, RFC 959 by Postel and Reynolds, 1985, is the official standard for FTP. You can read this RFC in its entirety on the IETF website at http://www.ietf.org.

FTP was originally defined in the early 1970s to transfer files to and from various ARPANET nodes. However, there are a few problems with old arcane standard FTP that we all grew up with in the early days of the Internet.

First of all, it doesn't use strong authentication. It is based on password logins which can be guessed, or discovered by cyber criminals using a sniffer. Even if the password is not guessed or sniffed, with standard FTP none of the files being transferred to and from their destinations are encrypted. FTP sends files in clear plain-text exposing them to the plethora of bad guys out there who have nothing better to do than violate the privacy of others, pilfer confidential information such as credit card information, and attempt to obtain classified information that could compromise national security.

Files being transferred by FTP are also vulnerable to man-in-the-middle attacks where data is intercepted and then altered before sending it back on its way. Another scenario where using secure FTP is critical is during web site updates. Without secure FTP, it is very easy to hack a web site and edit it. All a hacker has to do is find out the IP address of the web site using a reverse ping on the domain name, and then set up a sniffer to run 24 hours a day on the IP address to sniff and log the login connection. As soon as the web master logs in to update the site, the hacker's sniffer can grab and record the password and login information. Using the login information, hackers can then alter the site to destroy the site's reputation, steal proprietary information (such as customer lists, credit cards), add fraudulent news, even launch new hacks against different sites from your site leaving you open to legal liability, or anything else you can imagine. All this done by using the login and password they sniffed earlier. The main reason that web sites get hacked is because they are being updated with insecure FTP transfers. There are other ways that web sites can get hacked (due to improper OS and incorrect server configurations) but using secure FTP certainly reduces the probability of hacks due to insecure file transfers and logins.

In this new world of ours the requirements now are to design a way to protect against adversaries mounting cost-effective attacks on sensitive government or commercial data (e.g., hackers, organized crime, and economic competitors). The primary goal in designing an effective security system is to make the cost of any attack greater than the possible payoff.

This is where Red Bird SFX enters to meet the new requirements. Red Bird SFX is a cryptographically secure file transfer client that supports Secure Copy Protocol (SCP) and Secure FTP (SFTP), which despite the name is quite different from FTP. SCP and SFTP applies encryption on all messages between the client and the server. With Red Bird SFX, you can change directories, list directories, change file permissions/owner/group, and grab entire batches and directories of files in one fell swoop.

It is important to always have the right tools in your tool box. Red Bird SFX is one tool you will find hard to live with out. When you need to guaranteed the security of your files and your servers access then you need a tool that will cryptographically secure the communication. So come and try Red Bird SFX today; once you have experienced the benefits we are sure you will want to buy Red Bird SFX!