Ask a question about 'FTP bounce attack'
Start a new discussion about 'FTP bounce attack'
Answer questions from other users
FTP bounce attack
is an exploit of the FTP
File Transfer Protocol is a standard network protocol used to transfer files from one host to another host over a TCP-based network, such as the Internet. FTP is built on a client-server architecture and utilizes separate control and data connections between the client and server...
protocol whereby an attacker is able to use the PORT
command to request access to ports
The Transmission Control Protocol is one of the core protocols of the Internet Protocol Suite. TCP is one of the two original components of the suite, complementing the Internet Protocol , and therefore the entire suite is commonly referred to as TCP/IP...
indirectly through the use of the victim machine as a middle man for the request.
This technique can be used to port scan hosts discreetly, and to access specific ports that the attacker cannot access through a direct connection.
Nmap is a security scanner originally written by Gordon Lyon used to discover hosts and services on a computer network, thus creating a "map" ofthe network...
is a port scanner that can utilize an FTP bounce attack to scan other servers.
Nearly all modern FTP server programs are configured by default to refuse PORT
commands that would connect to any host but the originating host, thwarting FTP bounce attacks.