From 탱이의 잡동사니
FTP Configuration Summary
FTP is convenient. However, it is weak in many ways when it comes to security. In short, for security reasons, it is better not to use it on a public network.
- FTP Bounce Attack
  - Generally, a file transfer happens when the source FTP server sends the data to the client, which transmits the data to the destination FTP server. When the network connection is slow, people often resort to proxy FTP, in which the client instructs the two FTP servers to transfer the data directly between themselves. A hacker can take advantage of this type of file transfer and use a PORT command to request access to ports by posing as a middleman for the file transfer request, then discreetly run port scans on hosts and gain access to data transmitted over the network.
- FTP Brute Force Attack
  - An attacker can carry out a brute force attack to guess the FTP server password by repeatedly trying different password combinations until the break-in succeeds. A weak password, or reuse of the same password on multiple FTP servers, can also help the hacker gain quick access. Once the password is guessed, your data is exposed.
- Packet Capture (or Sniffing)
  - Because data transfer via FTP is in clear text, any sensitive information such as usernames and passwords can easily be read using network packet capture techniques such as packet sniffing. A packet sniffer is simply a computer program that captures transmitted data packets and decodes each packet's raw data, exposing the data contained in the packet's various fields.
- Spoof Attack
  - When access to FTP servers is restricted based on network address, a cyber-criminal can use an external computer, assume the host address of a computer on the enterprise network, and download files during data transfer.
- Port Stealing
  - When operating systems assign dynamic port numbers in a particular order or pattern, an attacker can easily decode the pattern and identify the next port number that will be used. When the attacker illegally gains access to that port number, the legitimate client trying to access the file is denied, and the hacker can steal files, or even insert a forged or malicious file into the data stream, which will then be accessed by other legitimate users in the organization.
Enter ? or help to see the list of available commands.
ftp> ?
Commands may be abbreviated.  Commands are:

!           dir         mdelete     qc          site
$           disconnect  mdir        sendport    size
account     exit        mget        put         status
append      form        mkdir       pwd         struct
ascii       get         mls         quit        system
bell        glob        mode        quote       sunique
binary      hash        modtime     recv        tenex
bye         help        mput        reget       tick
case        idle        newer       rstatus     trace
cd          image       nmap        rhelp       type
cdup        ipany       nlist       rename      user
chmod       ipv4        ntrans      reset       umask
close       ipv6        open        restart     verbose
cr          lcd         prompt      rmdir       ?
delete      ls          passive     runique
debug       macdef      proxy       send

ftp> help quote
quote           send arbitrary ftp command

ftp> put tmp.txt
local: tmp.txt remote: tmp.txt
200 PORT command successful. Consider using PASV.
150 Ok to send data.
226 Transfer complete.
595 bytes sent in 0.00 secs (34179.7 kB/s)

ftp> get ./airgogo_2016.csv
local: ./airgogo_2016.csv remote: ./airgogo_2016.csv
200 PORT command successful. Consider using PASV.
150 Opening BINARY mode data connection for ./airgogo_2016.csv (5472 bytes).
226 Transfer complete.
5472 bytes received in 0.02 secs (288.2 kB/s)
After connecting, upload a file.
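#!/bin/sh
# Upload a single file over FTP without interactive prompts.
# Note: FTP sends the username and password in clear text.
HOST='localhost'
USER='username'
PASSWD='password'
FILE='file.txt'

# -n disables auto-login so the credentials can be sent explicitly below.
ftp -n "$HOST" <<END_SCRIPT
quote USER $USER
quote PASS $PASSWD
put $FILE
quit
END_SCRIPT
exit 0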
- http://www.stratigery.com/scripting.ftp.html - How to use ftp in a shell script