The traditional FTP protocol sends commands and data in “the clear” over the network or internet. An attacker could intercept this data, then view and alter it before passing it on to the receiver.
If you are sending sensitive data over the internet, then you may want to consider the FTPS (FTP over SSL) protocol for securing data.
FTPS creates an encrypted tunnel between two computer systems and will protect against the following attacks:
IP spoofing, where a remote host sends out packets which pretend to come from another, trusted host
IP source routing, where a host can pretend that an IP packet comes from another, trusted host
DNS spoofing, where an attacker forges name server records
Interception of cleartext passwords and other data by intermediate hosts
Manipulation of data by attackers in control of intermediate hosts
FTPS uses a combination of asymmetric (public key) cryptology and symmetric cryptology to provide strong encryption and optimal performance.
Both the server and the client can be authenticated (trusted) through the use of X.509 Certificates. In other words, certificates will help ensure that each party is truly who they say they are.
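The protections listed above depend on the client actually verifying the server's X.509 certificate and encrypting the data channel as well as the control channel. The following is an added example, not code from the original page, using Python's standard `ftplib` and `ssl` modules; the helper names `build_ftps_context`, `audit_context` and `upload`, and the host, credentials and file names passed to `upload`, are assumptions for illustration.

```python
import ssl
from ftplib import FTP_TLS


def build_ftps_context(ca_file=None, client_cert=None, client_key=None):
    """TLS context that authenticates the server and, optionally, the client."""
    # create_default_context() turns on CERT_REQUIRED and hostname checking, so a
    # server reached through forged DNS records fails the handshake.
    ctx = ssl.create_default_context(ssl.Purpose.SERVER_AUTH, cafile=ca_file)
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    if client_cert:
        # Client X.509 certificate for servers that authenticate both parties.
        ctx.load_cert_chain(certfile=client_cert, keyfile=client_key)
    return ctx


def audit_context(ctx):
    """Return the reasons a context would not give the protections listed above."""
    issues = []
    if ctx.verify_mode != ssl.CERT_REQUIRED:
        issues.append("server certificate is not verified")
    if not ctx.check_hostname:
        issues.append("certificate is not matched against the host name")
    if ctx.minimum_version < ssl.TLSVersion.TLSv1_2:
        issues.append("protocol versions older than TLS 1.2 are allowed")
    return issues


def upload(host, user, password, local_path, remote_name, ctx=None):
    """Explicit FTPS upload with control and data channels both encrypted."""
    ctx = ctx or build_ftps_context()
    issues = audit_context(ctx)
    if issues:
        raise ValueError("refusing weak TLS context: " + "; ".join(issues))
    with FTP_TLS(context=ctx, timeout=30) as ftps:
        ftps.connect(host, 21)
        ftps.login(user, password)  # sends AUTH TLS before USER/PASS
        ftps.prot_p()               # PROT P: without it the data channel stays cleartext
        with open(local_path, "rb") as fh:
            ftps.storbinary(f"STOR {remote_name}", fh)
```

If `FTP_TLS` is created without a `context`, `ftplib` falls back to a context that does not verify the server certificate, which is why the context is built and audited explicitly here.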
The SSL Handshake process is detailed in the Appendix.