Home › Forums › Courses › Advanced Penetration Testing Course › Anonymous FTP Tagged: exploit, ftp, nmap This topic contains 22 replies, has 7 voices, and was last updated by I.X.L 3 years, 7 months ago. If you're using Proftpd version 1.3.5 or before, your server is vulnerable and it's just a matter of time before someone takes advantage of that vulnerability.
Local exploit time. Podjarny: FTP’s support for anonymous usage doesn’t make it less secure, but it does strengthen the need to mistrust and constrain the actions a client can make. Here is a look at 4 different FTP exploits used by hackers: 1. The remote FTP server allows anonymous logins. To upgrade and install the software, go to Add a new user “test” and configure a strong password for the user.Configure a strong password. In this way we can prevent sniffing from stealing credential in any network.Another way to steal credential is Brute force attack on FTP Server using Metasploit.Open the terminal in your kali Linux and Load metasploit framework now type following command to Brute force FTP login.From given image you can observe that our FTP server is not secure against brute force attack because it is showing matching combination of Once attack steals your username and password, he try to login into server as authorized user and then can perform mischievous action such as steal your important data or replace with malicious file.Hence our server is not secure against such kind of attack so let’s protect our FTP server.A threshold account lockout policy in windows which locked an account after certain numbers of ttempt that can be possible in UNIX also through Iptables chain rule.Here admin can set iptable chain rules for certain number of login attempts and if user crossed the define number then account will get locked for some time period as specified by admin.Type the given below command to set iptable chain rule for account lockout policy:Let’s ensure iptable chain rule working by making brute force attack as above.At the end of text file enter specific IP to whom you want to give permission for establishing connection as shown in given image.It quite important that admin should restrict all IPs other than allowed IP (192.168.0.106) to protect network from establishing connect from unknown IP.Now open configure file of vsftpd and add following lines:When valid user try to connect with another IP then server will not allow established connection as shown in given image.As we know port 21 is use as default port for FTP service therefore we can also secure port from 21 to another port.Now try to connect with FTP server via port 5000 with valid user credential and IP.
Different FTP service software have different daemons for the FTP service. Disable the Anonymous Authentication mode in FTP Authentication in Internet Information Services (IIS) Manager. Do not use birthdays, names in Pinyin and other common strings as the password.Modify the VSFTP configuration file vsftpd.conf. You can use a Open Internet Information Services (IIS) Manager, check all the hardening features for the FTP service. 220 naic.nasa.gov FTP server (Wed May 4 12:15:15 PDT 1994) ready. Author(s) Matteo Cantoni
Description. Detect anonymous (read/write) FTP server access. Modify the statement as After the service restarts, the banner information is displayed as follows:Users listed in the “ftpusers” and “user_list” files are not allowed to access FTP services, such as root, bin, and daemon.