About: FTP bounce attack

Facets (new session)
Description
Metadata
Settings
- Rule:
- Inverse Functional Properties:
- "Same As":

About: FTP bounce attack Goto Sponge NotDistinct Permalink

An Entity of Type : yago:YagoPermanentlyLocatedEntity, within Data Space : dbpedia.org associated with source document(s)
QRcode icon

http://dbpedia.org/describe/?url=http%3A%2F%2Fdbpedia.org%2Fresource%2FFTP_bounce_attack

FTP bounce attack is an exploit of the FTP protocol whereby an attacker is able to use the PORT command to request access to ports indirectly through the use of the victim machine, which serves as a proxy for the request, similar to an Open mail relay using SMTP. This technique can be used to port scan hosts discreetly, and to potentially bypass a network Access-control list to access specific ports that the attacker cannot access through a direct connection, for example with the nmap port scanner.

Attributes	Values
rdf:type	yago:WikicatComputerSecurityExploits yago:Abstraction100002137 yago:Accomplishment100035189 yago:Act100030358 yago:Action100037396 yago:Event100029378 yago:Feat100036762 yago:PsychologicalFeature100023100 yago:YagoPermanentlyLocatedEntity
rdfs:label	FTP bounce attack (en) Ataque de salto de FTP (pt)
rdfs:comment	FTP bounce attack is an exploit of the FTP protocol whereby an attacker is able to use the PORT command to request access to ports indirectly through the use of the victim machine, which serves as a proxy for the request, similar to an Open mail relay using SMTP. This technique can be used to port scan hosts discreetly, and to potentially bypass a network Access-control list to access specific ports that the attacker cannot access through a direct connection, for example with the nmap port scanner. (en) É uma falha ou exploit, no protocolo FTP, através do qual uma pessoa mal intencionada é capaz de usar o comando PORT para solicitar o acesso as portas indiretamente por meio do uso da máquina da vítima como um homem no meio [Ou Man in the middle] para a solicitação. Esta técnica pode ser usada, para descobrir portas discretamente, e para acessar portas especificas que um atacante não pode acessar dentro de uma conexão direta, por exemplo com o Nmap, ou com o Windows Telnet. (pt)
dcterms:subject	File Transfer Protocol Computer network security
Wikipage page ID	997416 (xsd:integer)
Wikipage revision ID	1071950433 (xsd:integer)
Link from a Wikipage to another Wikipage	File Transfer Protocol Confused deputy problem Computer network security File Transfer Protocol Nmap Transmission Control Protocol Open mail relay Access-control list File eXchange Protocol Port scanner Port scan Exploit (computer science)
Link from a Wikipage to an external page	https://www.cert.org/historical/advisories/ca-1997-27.cfm http://insecure.org/nmap/hobbit.ftpbounce.txt https://web.archive.org/web/20131105191347/http:/www.cert.org/tech_tips/ftp_port_attacks.html
sameAs	FTP bounce attack FTP bounce attack FTP bounce attack FTP bounce attack FTP bounce attack
dbp:wikiPageUsesTemplate	dbt:Compu-network-stub dbt:Mono dbt:Reflist
has abstract	FTP bounce attack is an exploit of the FTP protocol whereby an attacker is able to use the PORT command to request access to ports indirectly through the use of the victim machine, which serves as a proxy for the request, similar to an Open mail relay using SMTP. This technique can be used to port scan hosts discreetly, and to potentially bypass a network Access-control list to access specific ports that the attacker cannot access through a direct connection, for example with the nmap port scanner. Nearly all modern FTP server programs are configured by default to refuse PORT commands that would connect to any host but the originating host, thwarting FTP bounce attacks. (en) É uma falha ou exploit, no protocolo FTP, através do qual uma pessoa mal intencionada é capaz de usar o comando PORT para solicitar o acesso as portas indiretamente por meio do uso da máquina da vítima como um homem no meio [Ou Man in the middle] para a solicitação. Esta técnica pode ser usada, para descobrir portas discretamente, e para acessar portas especificas que um atacante não pode acessar dentro de uma conexão direta, por exemplo com o Nmap, ou com o Windows Telnet. Podemos resumir essa falha: Um atacante utilizar uma conexão falsa, na qual um website remoto com falhas na segurança serve de Distração ao servidor, O servidor se comunica com a conexão do atacante, mais não com o website utilizado pra distrair ele, então ele responde como se fosse responder o website usado pra distrair, por fim, pode ter acesso irrestrito a alguns recursos. Quase todos os programas modernos de servidor FTP são configurados por padrão a recusar os comandos PORT que iriam oferecer ligação externa para qualquer máquina, junto com o host de origem , impedindo ataques de rejeição de FTP. (pt)
prov:wasDerivedFrom	wikipedia-en:FTP_bounce_attack?oldid=1071950433&ns=0
page length (characters) of wiki page	1623 (xsd:nonNegativeInteger)
foaf:isPrimaryTopicOf	wikipedia-en:FTP_bounce_attack
is Link from a Wikipage to another Wikipage of	Vulnerability (computing) Confused deputy problem Ftp bounce attack File Transfer Protocol File eXchange Protocol
is Wikipage redirect of	Ftp bounce attack
is foaf:primaryTopic of	wikipedia-en:FTP_bounce_attack

Faceted Search & Find service v1.17_git139 as of Feb 29 2024

Alternative Linked Data Documents: ODE Content Formats:

RDF

ODATA

Microdata

About

OpenLink Virtuoso version 08.03.3330 as of Mar 19 2024, on Linux (x86_64-generic-linux-glibc212), Single-Server Edition (61 GB total memory, 51 GB memory in use)
Data on this page belongs to its respective rights holders.
Virtuoso Faceted Browser Copyright © 2009-2024 OpenLink Software