FTP bounce attack

In this article, we will explore FTP bounce attack in depth, a topic that has captured the attention of millions in recent years. From its origins to its impact on today's society, FTP bounce attack has played a significant role in different areas, generating debates, controversies and reflections on its importance and relevance. Along these lines, we will examine the many facets of FTP bounce attack, from its most basic components to its most advanced applications, with the aim of providing a comprehensive and complete vision of this exciting topic.

FTP bounce attack is an exploit of the FTP protocol whereby an attacker is able to use the PORT command to request access to ports indirectly through the use of the victim machine, which serves as a proxy for the request, similar to an Open mail relay using SMTP.^[1]

This technique can be used to port scan hosts discreetly, and to potentially bypass a network's access-control list to access specific ports that the attacker cannot access through a direct connection, for example with the nmap port scanner.^[2]

Nearly all modern FTP server programs are configured by default to refuse PORT commands that would connect to any host but the originating host, thwarting FTP bounce attacks.

See also

• Confused deputy problem

References

1. ^ M. Allman; S. Ostermann (1999). "RFC 2577". doi:10.17487/RFC2577.
2. ^ "ftp-bounce", Nmap Scripting Engine documentation

External links

• CERT Advisory on FTP Bounce Attack
• CERT Article on FTP Bounce Attack
• Original posting describing the attack

This computer networking article is a stub. You can help Wikipedia by expanding it.

• v
• t
• e