LinuxQuestions.org
Share your knowledge at the LQ Wiki.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices


Reply
  Search this Thread
Old 03-29-2007, 01:54 PM   #1
otacon 14112
Member
 
Registered: Apr 2004
Location: /
Distribution: ubuntu (gutsy)
Posts: 46

Rep: Reputation: 15
Defending against ftp attacks


Hello,

I also have an ftp service running. I do know that any service can be hacked, and ftp is an old one, so there are probably a lot of vulnerabilities for it.

Anyway, what are some of the most common methods hackers use in order to compromise ftp services, and how would I defend/secure my server against them? I can't afford to have my server taken down.

Thanks alot, I appreciate it,
otacon
 
Old 03-29-2007, 02:25 PM   #2
phantom_cyph
Senior Member
 
Registered: Feb 2007
Location: The Tropics
Distribution: Slackware & Derivatives
Posts: 2,472
Blog Entries: 1

Rep: Reputation: 128Reputation: 128
Here is a good place to ask that: click here.
 
Old 03-29-2007, 02:35 PM   #3
kcorupe
Member
 
Registered: Nov 2004
Location: Arizona
Distribution: Arch
Posts: 107

Rep: Reputation: 15
when your saying that ftp is "old", you are referring to the protocol, there are new ftp servers/clients.

vsftpd is a proven secure ftp server in Linux, I would suggest that. Read up on some HOWTO's on google for configuring it properly, and I would suggest running it in a chroot environment for some added security.

Now, do you "need" to use ftp? why not use sftp (over ssh)? Its an encrypted connection and is much more secure then ftp.
 
Old 04-02-2007, 02:01 PM   #4
nx5000
Senior Member
 
Registered: Sep 2005
Location: Out
Posts: 3,307

Rep: Reputation: 57
A few things possible specific to ftp:
- Brute force attack (if ftp passwords are system password then it's really bad)
- Ftp protocol trick: ftp bounce attack (scanning, local/remote Dos by exhausting network ports)
- Guessing your internal network adresses (maybe enumerating NATed machines or the number)
- Guessing the architecture by getting /bin/ls (chroot or not)
- Probably other things..

It all depends on your settings and which ftp server is used

Chroot helps
sftp, ftps, scponly are good things to check
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
More bruteforcing attacks -- need help please! RoaCh Of DisCor Linux - Security 2 10-22-2006 07:38 AM
LXer: Defending Against New Rootkits That Beat BSD, Linux, Mac, Vista, AMD and Intel LXer Syndicated Linux News 0 08-09-2006 08:21 PM
Attacks with UDP.PL, Help. LittleEvilBunny Linux - Security 4 12-15-2004 10:21 AM
IP attacks sundarrnathan Linux - Security 1 06-04-2003 06:33 AM
IP address attacks Smooth Linux - Security 7 06-01-2003 03:36 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Security

All times are GMT -5. The time now is 10:13 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration