FTP bounce attack
FTP bounce attack is an exploit of the FTP protocol whereby an attacker is able to use the PORT command to request access to ports indirectly through the use of the victim machine as a middle man for the request.
Nearly all modern FTP server programs are configured by default to refuse PORT commands that would connect to any host but the originating host, thwarting FTP bounce attacks.
- "ftp-bounce", Nmap Scripting Engine documentation
- CERT Advisory on FTP Bounce Attack
- CERT Article on FTP Bounce Attack
- Original posting describing the attack
|This computer networking article is a stub. You can help Infogalactic by expanding it.|