1. What is an "FTP bounce" attack? Give an example. What
specifically can you do to prevent it when configuring an FTP
server?
Solution
An FTP bounce attack is an exploit of the FTP protocol in which an
attacker uses the PORT command to request access to ports
indirectly, using the victim machine as a middle man for the
request. This technique can be used to port scan hosts discreetly,
and to access specific ports that the attacker cannot access
through a direct connection, for example with the nmap port
scanner. Nearly all modern FTP server programs are configured by
default to refuse PORT commands that would connect to any host but
the originating host, thwarting FTP bounce attacks.
When connecting to an FTP server, the client sends a PORT command
specifying the IP address and port to which the FTP server should
connect and send data. An FTP bounce attack is when an attacker
sends a PORT command specifying the IP address of a third party
instead of the attacker's own IP address. The FTP server then
sends data to the victim machine.
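The refusal described above (rejecting any PORT command that names a host other than the originating one) can be sketched as follows. This is an added example, not code from the original answer or from any particular FTP server; the function names, the sample addresses and the extra refusal of ports below 1024 are assumptions made for illustration.

```python
import ipaddress
import re

# PORT argument format from RFC 959: h1,h2,h3,h4,p1,p2 (six decimal bytes).
_PORT_RE = re.compile(r"^PORT (\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3})$", re.I)


def parse_port(line):
    """Return (ip, port) from a PORT command line, or None if malformed."""
    m = _PORT_RE.match(line.strip())
    if not m:
        return None
    nums = [int(g) for g in m.groups()]
    if any(n > 255 for n in nums):
        return None
    ip = ipaddress.IPv4Address(".".join(str(n) for n in nums[:4]))
    return ip, nums[4] * 256 + nums[5]


def check_port(line, peer_ip, min_port=1024):
    """Decide how a server should answer a PORT command.

    peer_ip is the source address of the control connection.
    min_port is an assumed extra policy: refuse low (service) ports.
    Returns (allowed, reason).
    """
    parsed = parse_port(line)
    if parsed is None:
        return False, "malformed PORT argument"
    ip, port = parsed
    if ip != ipaddress.IPv4Address(peer_ip):
        return False, f"bounce attempt: PORT names {ip}, client is {peer_ip}"
    if port < min_port:
        return False, f"privileged port {port} refused"
    return True, "ok"


# Constructed sample commands (documentation addresses from RFC 5737).
SAMPLES = [
    ("PORT 192,0,2,10,195,80", "192.0.2.10"),  # client's own address, port 50000
    ("PORT 198,51,100,7,0,22", "192.0.2.10"),  # names a third-party host
    ("PORT 192,0,2,10,0,25", "192.0.2.10"),    # own address but port 25
    ("PORT 192,0,2,300,1,1", "192.0.2.10"),    # out-of-range byte
]

if __name__ == "__main__":
    for line, peer in SAMPLES:
        print(line, "->", check_port(line, peer))
```

A refused command is also the event worth logging, since it records both the client address and the third-party host named in the PORT argument.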
2. To prevent it when configuring an FTP server, FTP bounce attacks
should be handled as follows:
In this field: Action
Do this: Specify what action to take when an FTP Bounce attack
occurs, by selecting one of the following:
    Block. Block the attack. This is the default.
    None. No action.

In this field: Track
Do this: Specify whether to log FTP bounce attacks, by selecting
one of the following:
    Log. Log the attack. This is the default.
    None. Do not log the attack.