FTP bounce attack

From Infogalactic: the planetary knowledge core
Jump to: navigation, search

FTP bounce attack is an exploit of the FTP protocol whereby an attacker is able to use the PORT command to request access to ports indirectly through the use of the victim machine as a middle man for the request.

This technique can be used to port scan hosts discreetly, and to access specific ports that the attacker cannot access through a direct connection, for example with the nmap port scanner.[1]

Nearly all modern FTP server programs are configured by default to refuse PORT commands that would connect to any host but the originating host, thwarting FTP bounce attacks.

See also

References

<templatestyles src="Reflist/styles.css" />

Cite error: Invalid <references> tag; parameter "group" is allowed only.

Use <references />, or <references group="..." />

External links

<templatestyles src="Asbox/styles.css"></templatestyles>

Stub icon

This computer networking article is a stub. You can help Wikipedia by expanding it.
  1. "ftp-bounce", Nmap Scripting Engine documentation
Retrieved from "https://infogalactic.com/w/index.php?title=FTP_bounce_attack&oldid=2302721"