FTP exploit going around?

Pushrod

Pushrod

Many years ago (at least three), I made a perl script that listens for an incoming TCP connection on a given port, and then closes any incoming connections to it, and sends an email to me to notify me of the connection attempt.

I have two copies running, one on port 21 (ftp) and another on port 23. Lately, the ftp one has been getting a ton of connections. Is there an ftp exploit going around these days?

Better yet, does anyone even use FTP anymore other than for anonymous access?
 
Besides the backdoored proftpd there are a ton of bruteforces going around. They are looking for accounts with simple to guess passwords. You will get the same kind of bruteforce hammering on your SSH service. Unless you want your mailbox flooded, I'd just block the stuff and forget about it.
 
Pushrod said:
Better yet, does anyone even use FTP anymore other than for anonymous access?
Click to expand...

No, even in 2003 when I had a webhosting company. We successfully educated our clients about security and provided them a tutorial on how to use SFTP instead FTP with Filezilla. As the only stuff real difference is to add a 22 in the port field, that didn't change a lot for them.
 
Pushrod said:
Better yet, does anyone even use FTP anymore other than for anonymous access?
Click to expand...

I suppose for professional use there are issues. However for home use it rocks for communication between all the machines in the house. It's especially good between different operating systems because it works well on anything and is simple to use and very small. so, yes.
 
You must log in or register to reply here.
Back
Top