HOME

TheInfoList



Click Here for Items Related To - FTP Bounce Attack
OR:
FTP Bounce Attack on:   [Wikipedia]   [Google]   [Amazon]

FTP bounce attack is an exploit of the
FTP The File Transfer Protocol (FTP) is a standard communication protocol used for the transfer of computer files from a server to a client on a computer network. FTP is built on a client–server model architecture using separate control and dat ...
protocol whereby an attacker is able to use the PORT command to request access to
ports Ports collections (or ports trees, or just ports) are the sets of makefiles and Patch (Unix), patches provided by the BSD-based operating systems, FreeBSD, NetBSD, and OpenBSD, as a simple method of installing software or creating binary packages. T ...
indirectly through the use of the victim machine, which serves as a proxy for the request, similar to an
Open mail relay An open mail relay is a Simple Mail Transfer Protocol (SMTP) server configured in such a way that it allows anyone on the Internet to send e-mail through it, not just mail destined to or originating from known users. This used to be the default ...
using
SMTP The Simple Mail Transfer Protocol (SMTP) is an Internet standard communication protocol for electronic mail transmission. Mail servers and other message transfer agents use SMTP to send and receive mail messages. User-level email clients typi ...
. This technique can be used to port scan hosts discreetly, and to potentially bypass a network's
access-control list In computer security, an access-control list (ACL) is a list of permissions associated with a system resource (object or facility). An ACL specifies which users or system processes are granted access to resources, as well as what operations are al ...
to access specific ports that the attacker cannot access through a direct connection, for example with the
nmap Nmap (Network Mapper) is a network scanner created by Gordon Lyon (also known by his pseudonym ''Fyodor Vaskovich''). Nmap is used to discover hosts and services on a computer network by sending packets and analyzing the responses. Nmap pro ...
port scanner A port scanner is an application designed to probe a server or host for open ports. Such an application may be used by administrators to verify security policies of their networks and by attackers to identify network services running on a host and ...
."ftp-bounce"
Nmap Scripting Engine documentation Nearly all modern FTP server programs are configured by default to refuse commands that would connect to any host but the originating host, thwarting FTP bounce attacks.


See also

*
Confused deputy problem In information security, a confused deputy is a computer program that is tricked by another program (with fewer privileges or less rights) into misusing its authority on the system. It is a specific type of privilege escalation. The confused deputy ...


References


External links


CERT Advisory on FTP Bounce AttackOriginal posting describing the attack
File Transfer Protocol Computer network security {{compu-network-stub