FTP bounce attack
Encyclopedia
FTP bounce attack is an exploit of the FTP
protocol whereby an attacker is able to use the PORT command to request access to ports
indirectly through the use of the victim machine as a middle man for the request.
This technique can be used to port scan hosts discreetly, and to access specific ports that the attacker cannot access through a direct connection.
nmap
is a port scanner that can utilize an FTP bounce attack to scan other servers.
Nearly all modern FTP server programs are configured by default to refuse PORT commands that would connect to any host but the originating host, thwarting FTP bounce attacks.
File Transfer Protocol
File Transfer Protocol is a standard network protocol used to transfer files from one host to another host over a TCP-based network, such as the Internet. FTP is built on a client-server architecture and utilizes separate control and data connections between the client and server...
protocol whereby an attacker is able to use the PORT command to request access to ports
Transmission Control Protocol
The Transmission Control Protocol is one of the core protocols of the Internet Protocol Suite. TCP is one of the two original components of the suite, complementing the Internet Protocol , and therefore the entire suite is commonly referred to as TCP/IP...
indirectly through the use of the victim machine as a middle man for the request.
This technique can be used to port scan hosts discreetly, and to access specific ports that the attacker cannot access through a direct connection.
nmap
Nmap
Nmap is a security scanner originally written by Gordon Lyon used to discover hosts and services on a computer network, thus creating a "map" ofthe network...
is a port scanner that can utilize an FTP bounce attack to scan other servers.
Nearly all modern FTP server programs are configured by default to refuse PORT commands that would connect to any host but the originating host, thwarting FTP bounce attacks.