Is NetworkStream Secure?

Question

I'm working on an existing C# .NET 4.5 application. It has a component that downloads data from a mainframe (I don't have details on what kind) using a TcpClient with NetworkStream Read and Write commands. The developer that originally wrote the code has left the company and the audit area is now questioning the security of how these mainframe datasets are being downloaded. The original developer's naming conventions seem to indicate that FTP was being used, but reading the documentation on TcpClient and NetworkStream , there is no mention of the protocols that are used to actually transfer the data.

My networking experience is very limited, but my understanding is that the TcpClient just provides the network connection and then some sort of application protocol (such as FTP) needs to run on the TCP connection to actually move the data.

So my question is, what protocol does NetworkStream.Read use and is it secure? If it's not secure, what is a good alternative?

Answer 1

NetworkStream has no inherent security... you can see whatever it is reading with any network packet viewer.

Caveat: if the data you are streaming is encrypted before you send it then you could reasonably claim it's "secure"...

Answer 2

By itself, System.Net.Sockets.NetworkStream does not have any inherent security. You can visualize this by forming up a connection and capturing the traffic with Wireshark .

If you need to secure your data, have a look at SslStream or NegotiateStream to see if they fit your needs for custom client/server applications.

Alternately, depending on your application, you may be able to serve your data sets over HTTPS. If you just need to protect the integrity of the data sets and not the confidentiality, you could also add digital signatures to data sets and check those signatures after they are received.