My sites were hacked using via Gumblar hack/virus. I was using FileZilla and somehow they used the FTP login/passwords to hack into my sites.
I have now removed the Filezilla.XML file on the host machine and running data sensitive stuff using the Portable Apps via USB Drive.
If I visit a hacked site again(with virus).. and somehow my PC gets infected... Is the data on USB drive safe?
Thanks,
Mike
Visit the Community page
Join our forums
Subscribe to our email newsletter
Subscribe with RSS
Follow us on Facebook
Follow us on LinkedIn
Follow us on Twitter
Follow us on Mastodon
Follow us on BlueSky
it is connected to the PC, it part of the windows as any other software installed on any other drive. Even if you would have such software and data on leat say a CD or DVD, this would be then quite well write protected, but not read protected. During the time your windows can read it, everybody who has access to your windows can read it.
and there are data stored also in other of the .xml files so filezilla.xml alone is not enough to hide.
and to avoid all stuff beeing stored, you can try to clear private data from the menu of the filezilla.
Anyway, it is kind of strange that filezilla stores all things in plain text when the over 25 year old ftp clients like wsftp do at least obfuscate the passwords in their logs and ini files.
But this is not a problem of the portable version, the filezilla authors might do here some job in future.
Otto Sykora
Basel, Switzerland
It'll depend entirely on the virus and how it looks for passwords to steal. I would expect that it would miss the portable version, but I wouldn't guarantee it.
I am a Christian and a developer and moderator here.
“A soft answer turns away wrath, but a harsh word stirs up anger.” – Proverbs 15:1
If you want to prevent infections you run security sw; antivirus, antispyware, firewall. And you keep them current. With so many free ones there's no excuse to not run them.
Ed
Will Password protected folder help ward off virus/hacks?
well to certain extend it may help little bit, but how to use it then?
And which folder to protect and how? You can zip or 7zip or what ever with password and encryption. OK when folder not in use , it will be protected. Then how are you going to use it? You will unzip/decrypt the folder and have it plain on your stick or drive. During this time all is back to square, open and available to everybody.
If you just manage to lock somehow the folders with the xml files , then when you start filezilla it will not find the files it needs. So you would have to remamber to open them before each time.
So you would need a mechanism which works without drivers, does encryption of folders and will kind of decrypt them on access and encrypt them back when not in use. Very difficult task under current operating systems if this should end up being portable.
Otherwise use Truecrypt (or FreeOTFE) container on your PC and run things from there.
And even here, during the time the container is accessible to you and your operating system, it is also accessible to everyone else.
Otherwise scan your system frequently if possible with some bootable media scanner, if possible with more then one, use common sense when opening files and surfing the web and reading your mail. You can switch on the windows firewall, an edditional personal firewall is of little use it just makes the system more vulnerable then it is already and will anyway not be able to stop any reasonably constructed current malware.
Otto Sykora
Basel, Switzerland