Results 1 to 4 of 4

Thread: ftp ?

  1. #1
    Junior Member
    Join Date
    Dec 2001

    ftp ?

    If I have a ftp port open is it easy for someone to get access over my system if so how can I provent it?


  2. #2

    Re: ftp?


    If you have a ftp port open it is easy for someone to get access over your system. How can you prevent it? I would recomend downloading a firewall.
    The port may be open if your downloading or uploading something from an ftp site. Other than that I don't see why you would have an ftp port open. Hope this helps.


  3. #3
    PHP/PostgreSQL guy
    Join Date
    Dec 2001
    Hi! Thanks for posting!

    As far as FTP is concerned, the daemon that listens to port 21 for incoming connections is what you want to make sure you have locked down. Below is a short list of things to beware with FTP.

    1: buffer overflows using attacks on the ftp daemon (to fix this, find out who makes the FTP server (found out by ftp'ing to yourself, it should say in the intro login) and going to their website to upgrade or patch your version). This will keep nasties from sending fragmented/oversized information to your ftp daemon and causing it to crash into a shell.

    2: bounce attacks - some people use ftp servers to 'forward' themselves to another site, similar to IP spoofing, only using other machines to mask their presence. This probably has already been fixed with your ftp daemon but check the web site.

    3: anonymous ftp - make sure you have your anonymous ftp directories locked down and if you have high bandwidth and traffic, lock down the quotas so they can't put more than X number of megs, therefore keeping your disk space from disappearing. Some people like to find unset anon. servers and dumping pr0n/scripts/etc onto it then tell their friends and they do the same thing. A great page for this is located here so check it out!

    Checking the vendor site and checking the site I passed along will get you going in the right direction of keeping your ftp safe. Generally, it's not the first thing to be hit but it's good to keep up the security.

    Have a good day!
    We the willing, led by the unknowing, have been doing the impossible for the ungrateful. We have done so much with so little for so long that we are now qualified to do just about anything with almost nothing.

  4. #4
    Senior Member
    Join Date
    Nov 2001

    Theres nothing more to say...really nice post!
    Bukhari:V3B48N826 “The Prophet said, ‘Isn’t the witness of a woman equal to half of that of a man?’ The women said, ‘Yes.’ He said, ‘This is because of the deficiency of a woman’s mind.’”

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts