FTP Security

Posted on 2004-08-10
Last Modified: 2013-12-04
Question: Does limiting FTP connections to your site to specific IPs offer much security? I have configured my firewall to allow FTP connections to a single IP, and yet port 21 is still picked up by a scan as being open. My contention is that if port 21 is open, it is still susceptible to the vulnerabilities inherent in FTP. Is this a correct assumption?

Thanks
Question by:jstansley

Accepted Solution

by:
gidds99 earned 200 total points
ID: 11767988
It offers pretty good security, as limiting the connections to a single IP means that you are limiting the attack surface: if there are vulnerabilities in the FTP server software, they are not exposed, as it will not allow an FTP connection to be established from other IPs.

Other Experts mention IP spoofing which is easy for a determined attacker with tools which are freely available on the web.  The crucial question to ask in my opinion when considering the risks in this type of setup is, how likely is it an attacker will know the IP in the first place so he is in a position to spoof it?  Any danger from IP spoofing is very limited as I see it.

Hope this helps.

Author Comment

by:jstansley
ID: 11768058
Thanks... so you are saying that despite the fact that port 21 is listed as open on a port scan, an attacker cannot launch an attack unless he knows the specific IP for which the server is configured to accept connections?

Expert Comment

by:magus123
ID: 11770117
There are scans happening every day, everywhere; they are automated and they look for anything open.
I remember getting infected with a virus within seconds of going on the internet.

Keep in mind these:

1. NAT DSL router / port forwarding for FTP / MAC cloning
2. firewall at the OS, configure it to disable ICMP (ping attacks)
3. antivirus at the OS
4. http://www.blackviper.com/ : services either listening or not needed, consider removing
5. netstat, check your open ports
6. www.dslreports.com: check their forum and recommended sites to use certain sites that do port scans on your computer and recommend what to block or shut down
7. do level of FTP software and access versus user or anonymous
8. a dedicated hardware firewall
9. logging, check who or what intrusion, if any
10. PeerGuardian from Methlabs: check out their program and the blocklist you can download for known bad intrusions; works at the OS level. Also consider ProtoWall.

That's all I can remember for now.

Expert Comment

by:gidds99
ID: 11770286
What I am saying is that I believe that although port 21 is open, the FTP software won't allow an FTP connection to be made unless it originates from that specific IP. Therefore, as no FTP connection can be completed, it is not possible for an attacker to try and exploit any holes which may exist in the FTP server software, as many holes will be exploited by an attacker sending corrupt data over a completed connection in order to exploit vulnerabilities in the FTP server software. By confining connections to a single IP you are preventing connections from being accepted from other IPs.

Hope this helps.
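The thread turns on why port 21 can still scan as open when only one IP is allowed. The sketch below is an added example, not code from any poster: it assumes the restriction is enforced by the service after the TCP handshake (the page does not say how jstansley's setup enforces it), and the toy listener, the result labels and the address 192.0.2.10 are constructed for illustration.

```python
import socket
import threading

def start_listener(allowed_ips):
    """Toy FTP-like listener (constructed): completes the TCP handshake for
    everyone, but only sends the 220 greeting to addresses in allowed_ips."""
    srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    srv.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
    srv.bind(("127.0.0.1", 0))          # port 0: let the OS pick a free port
    srv.listen(5)

    def serve():
        while True:
            try:
                conn, (peer_ip, _) = srv.accept()
            except OSError:
                return                  # listener was closed
            with conn:
                if peer_ip in allowed_ips:
                    conn.sendall(b"220 example FTP service ready\r\n")
                # any other source: close without ever speaking FTP

    threading.Thread(target=serve, daemon=True).start()
    return srv, srv.getsockname()[1]

def classify_port(host, port, timeout=2.0):
    """Report what a client at this source address actually gets from host:port."""
    try:
        sock = socket.create_connection((host, port), timeout=timeout)
    except ConnectionRefusedError:
        return "closed"                 # reset: nothing listening, or a reject rule
    except OSError:
        return "filtered"               # timeout/unreachable: dropped before the service
    with sock:
        try:
            banner = sock.recv(256)
        except (socket.timeout, ConnectionResetError):
            banner = b""
    if banner.startswith(b"220"):
        return "open, FTP session offered"
    return "open, but no FTP greeting"  # handshake completed, service turned us away

if __name__ == "__main__":
    _, allowed_port = start_listener({"127.0.0.1"})    # our own address is allowed
    _, blocked_port = start_listener({"192.0.2.10"})   # constructed address, not ours
    print(classify_port("127.0.0.1", allowed_port))
    print(classify_port("127.0.0.1", blocked_port))
```

Run against your own server from a host that is not on the allowlist, a result of "filtered" means the firewall stopped the packets, while "open, but no FTP greeting" means the connection reached the FTP software and was refused there.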