FTP bounce attack is an exploit of the FTP protocol whereby an attacker is able to use the PORT command to request access to ports indirectly through the use of the victim machine, which serves as a proxy for the request, similar to an Open mail relay using SMTP.[1]
This technique can be used to port scan hosts discreetly, and to potentially bypass a network's Access-control list to access specific ports that the attacker cannot access through a direct connection, for example with the nmap port scanner.[2]
Nearly all modern FTP server programs are configured by default to refuse PORT commands that would connect to any host but the originating host, thwarting FTP bounce attacks.
See also edit
References edit
- ^ M. Allman; S. Ostermann (1999). "RFC 2577". doi:10.17487/RFC2577.
- ^ "ftp-bounce", Nmap Scripting Engine documentation
External links edit
🔥 Top keywords: Akademia e Shkencave e RPS te ShqiperiseAlexandria Ocasio-CortezBilderberg GroupCristiano RonaldoDong XiaowanMinecraftOperation GladioPrimal cutRiot FestStrictly Come Dancing (series 7)Main PageSpecial:SearchWikipedia:Featured picturesIga ŚwiątekRamoji RaoHit Man (2023 film)Pawan KalyanMichael Mosley (broadcaster)2024 Indian general electionWilliam AndersChirag PaswanCleopatraJasmine PaoliniPat SajakProject 20252024 ICC Men's T20 World CupDeaths in 2024Glen PowellKidnapping of Noa ArgamaniAdria ArjonaBad Boys: Ride or DieEarthriseVanna WhiteThe Acolyte (TV series)UEFA Euro 2024YouTubeThe Watchers (film)Beechcraft T-34 MentorSabrina CarpenterNormandy landingsBarry Keoghan.xxxGodzilla Minus OneTaylor SwiftN. Chandrababu NaiduClash at the Castle: ScotlandICC Men's T20 World CupTom Jones (singer)LAC Colombia Flight 028