July 3rd, 2004 05:19 AM
I am learning about network security on my home network and noticed my FTP port was open. When I open up a web browser or ftp client it show that I am connected but no files or directories show up. Why? I also opened up a command prompt (I run win2k) and ftped my pc and once again connection but nothing shows up. Am I voulnerable to attacks? Obviously my directories dont show up but can some one put a backdoor on my system like this? And if someone did upload to this connection where would I find the files?
July 3rd, 2004 05:24 AM
When you connect via command prompt, you should see the name of the FTP server. Copy the name and paste it into search on your machine and the file's for it should come up.
July 3rd, 2004 05:26 AM
Just as a precaution, I would recommend you update your Virus and spyware cleaners, and run them in safe mode (F8 at startup). You may have a virus, and if there is an active FTP on your computer, you might turn into a warez server.
Last thing you want is a angry phone call from your ISP.
Also check out TCPview and Fport from foundstone to see what process is holding the FTP server open.
July 3rd, 2004 10:36 AM
The fact that you do not see any files is not important. If, however, the FTP is the result of something else, you still have to be worried about directory traversal exploits which could give somebody access to any folder on your computer [provided they know the specific weakness].
July 3rd, 2004 10:47 AM
To me, this simply sounds like IIS is running in its default config. How about really protecting yourself and disable the service. Then you wont have to worry about any of the nastys mentioned above.
Our scars have the power to remind us that our past was real. -- Hannibal Lecter.
Talent is God given. Be humble. Fame is man-given. Be grateful. Conceit is self-given. Be careful. -- John Wooden
July 3rd, 2004 01:33 PM
You can try to use firewall to block incoming packets to the port 21
July 4th, 2004 03:34 AM
How would someone be able to gain access to all directories through an ftp port and if someone was to upload to the anonymous ftp I found on my home server where would I find those files?
July 4th, 2004 04:36 AM
An FTP exploit.
How would someone be able to gain access to all directories through an ftp port
FTP isn't really my bag, but do a search on your computer for all files created on a specific date, then organize them by time created. you should easily be able to pick the ones that you didn't put there.
I believe in making the world safe for our children, but not our children’s children, because I don’t think children should be having sex. -- Jack Handey
July 4th, 2004 05:07 AM
I dunno what you mean by "all directories" however they can get to the file/image directories of your website if that's where they are stored (on your server of course). Now how would they gain access? Well, if you have a weak password, then they can login by guessing the password or looking up an ftpd exploit online (which isn't really hard).
July 4th, 2004 05:09 AM
if you installed iis then maybe the ftp server is running but i dont remember it running by default but i know telnet server was in the first releases. you say when you ftped into it you saw nothing...didn't it have a banner if it said: 220 ftp Microsoft FTP Service (Version 5.0) then just turn of the services. go to the run box and enter services.msc double click ftp server and stop and disable it. the default dir is ftproot. if it says anything other than ms ftp then you got a problem.
Bukhari:V3B48N826 “The Prophet said, ‘Isn’t the witness of a woman equal to half of that of a man?’ The women said, ‘Yes.’ He said, ‘This is because of the deficiency of a woman’s mind.’”