Ftp

From 탱이의 잡동사니
Jump to: navigation, search

Overview

FTP 설정 정리

Basic

Security risks

FTP 는 편리하다. 하지만 여러모로 보안에 취약한 부분이 많다[1]. 간단히 말해서, 보안상, 공개된 네트워크에서는 사용하지 않는 것이 좋다.

  • FTP Bounce Attack
Generally a file transfer happens when the source FTP server sends the data to the client which transmits the data to the destination FTP server. When there’s a slow network connection, people often resort to using a proxy FTP which makes the client instructs the data transmission directly between two FTP servers. A hacker can take advantage of this type of file transfer and use a PORT command to request access to ports by posing as a middle man for the file transfer request; then execute port scans on hosts discreetly and gain access data transmitted over the network.
  • FTP Brute Force Attack
An attacker can carry out a brute force attack to guess the FTP server password by implementing a means to repeatedly try different password combinations until they can succeed in the break-in. A weak password and repeated use of the same password for multiple FTP servers can also help the hacker gain quick access. Once the password is guessed, your data is exposed.
  • Packet Capture (or Sniffing)
Because the data transfer via FTP is in clear text, any sensitive information such as usernames, passwords can be easily read network packet capture techniques such as packet sniffing. A packet sniffer is just a piece of computer program which can capture transmitted data packets and decode the packet's raw data exposing data contained in the various fields of the packet.
  • Spoof Attack
When we restrict access to FTP servers based on the network address, it is possible that a cyber-criminal can use an external computer and assume the host address of a computer on the enterprise network, and download files during data transfer.
  • Port Stealing
When operating systems assign dynamic port numbers in a particular order or pattern, an attacker easily decodes the pattern and identify the next port number which will be used. By illegally gaining access to a port number, the legitimate client trying to access the file will be denied and the hacker can steal files, or even insert a forged file or malicious file into the data stream which will be accessed by other legitimate users in the organization.

Commands

?, help

? 혹은 help 를 입력하면 사용가능한 명령어 목록을 확인할 수 있다.

ftp> ?
Commands may be abbreviated.  Commands are:

!		dir		mdelete		qc		site
$		disconnect	mdir		sendport	size
account		exit		mget		put		status
append		form		mkdir		pwd		struct
ascii		get		mls		quit		system
bell		glob		mode		quote		sunique
binary		hash		modtime		recv		tenex
bye		help		mput		reget		tick
case		idle		newer		rstatus		trace
cd		image		nmap		rhelp		type
cdup		ipany		nlist		rename		user
chmod		ipv4		ntrans		reset		umask
close		ipv6		open		restart		verbose
cr		lcd		prompt		rmdir		?
delete		ls		passive		runique
debug		macdef		proxy		send

quote

ftp> help quote
quote     	send arbitrary ftp command

put

파일을 전송한다.

ftp> put tmp.txt 
local: tmp.txt remote: tmp.txt
200 PORT command successful. Consider using PASV.
150 Ok to send data.
226 Transfer complete.
595 bytes sent in 0.00 secs (34179.7 kB/s)

get

파일을 수신한다.

ftp> get ./airgogo_2016.csv
local: ./airgogo_2016.csv remote: ./airgogo_2016.csv
200 PORT command successful. Consider using PASV.
150 Opening BINARY mode data connection for ./airgogo_2016.csv (5472 bytes).
226 Transfer complete.
5472 bytes received in 0.02 secs (288.2 kB/s)

Examples

put example

접속 후, 파일을 업로드 한다.

#!/bin/sh
HOST='localhost'
USER='username'
PASSWD='password'
FILE='file.txt'
 
ftp -n $HOST <<END_SCRIPT
quote USER $USER
quote PASS $PASSWD
put $FILE
quit
END_SCRIPT
exit 0

See also

References

  1. http://thehackernews.com/2013/12/security-risks-of-ftp-and-benefits-of.html