Solved

FTP Security

Posted on 2004-08-10
7
254 Views
Last Modified: 2013-12-04
Question: Does limiting ftp connections to your site to specicif IP's offer much security. I have configured my firewall to allow ftp connections to a single IP and yet port 21 is still picked up by a scan as being opened. My contention is, that if port 21 is open, it is still susceptible to vulnerabilities of that inherant with FTP. Is this a correct assumption?

Thanks
0
Comment
Question by:jstansley
  • 2
7 Comments
 
LVL 12

Accepted Solution

by:
gidds99 earned 50 total points
ID: 11767988
It offers pretty good security as limiting the connections to a single IP means that you are limiting the attack surface if there are vulrabilities in the FTP server software they are not exposed as it will not allow an FTP connection to be esablished from other IP's.

Other Experts mention IP spoofing which is easy for a determined attacker with tools which are freely available on the web.  The crucial question to ask in my opinion when considering the risks in this type of setup is, how likely is it an attacker will know the IP in the first place so he is in a position to spoof it?  Any danger from IP spoofing is very limited as I see it.

Hope this helps.
0
 

Author Comment

by:jstansley
ID: 11768058
Thanks....so you are saying that despite the fact that port 21 is listed as open on a port scan.....an attacker cannot launch an attack unless he knows the specific IP for which the server is configured to accept connections?
0
 
LVL 7

Expert Comment

by:magus123
ID: 11770117
their are scans happening every day everywhere , they are automated and they look for anything open
i remeber getting infected with a virus with in seconds going on the internet.

keep in mind these

1.nat dsl router / port forwarding for ftp  / mac cloning
2. firewall at the os  " configure it to disabl icmp " ping attacks
3. ant virus at the os
4. http://www.blackviper.com/  " services ethir listening or not need , consider removing
5.  netstat , check your open prots
6. www.dslreports.com check their forum and recommended sites to  use certain sites
that do port scans on your computer and recommend what to block or shutdown
7.  do level of ftp software and access versus user or anoyumus
8. a dedicated hardware firewall
9.logging , check who or what intrusion if any
10. peer guardian from methlabs , check out their program and the blocklist you can dowload
for known bad intrusions , works at the os level , also consider protowall.

that all i can remember for know
0
 
LVL 12

Expert Comment

by:gidds99
ID: 11770286
What I am saying is that I beleive that although port 21 is open the FTP software wont allow an FTP connection to be made unless it originates from that specific IP.  Therefore as no FTP connection can be completed it is not possible for an attacker to try and exploit any holes which may exist in the FTP server software as many holes will be exploited by an attacker sending corrupt data over a completed connection in order to exploit vulnrabilities in the FTP server software.  By confining to connections to a single IP you are preventing connections from being accepted from other IP's.

Hope this helps.
0

Featured Post

Three Reasons Why Backup is Strategic

Backup is strategic to your business because your data is strategic to your business. Without backup, your business will fail. This white paper explains why it is vital for you to design and immediately execute a backup strategy to protect 100 percent of your data.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Many people tend to confuse the function of a virus with the one of adware, this misunderstanding of the basic of what each software is and how it operates causes users and organizations to take the wrong security measures that would protect them ag…
Article by: btan
The intent is not to repeat what many has know about Ransomware but more to join its dots of what is it, who are the victims, why it exists, when and how we respond on infection. Lastly, sum up in a glance to share such information with more to help…
This tutorial gives a high-level tour of the interface of Marketo (a marketing automation tool to help businesses track and engage prospective customers and drive them to purchase). You will see the main areas including Marketing Activities, Design …
This Micro Tutorial demonstrates using Microsoft Excel pivot tables, how to reverse engineer competitors' marketing strategies through backlinks.

809 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question