Yeeman (yeeman yi.man@263.net)
Release date:
Copyright: The copyright of this Chinese translation belongs to China Interactive Publishing Network. It may be freely reproduced for non-commercial purposes, but the translation and copyright information of this document must be retained.
This document is a translation of RFC 2577.
FTP Security Considerations
(RFC 2577 FTP Security Considerations)
Status of this Memo
This memo provides information for the Internet community. It does not specify an Internet standard of any kind. Distribution of this memo is unlimited.
Copyright Notice
Copyright (C) The Internet Society (1999). All Rights Reserved.
Abstract
The specification for the File Transfer Protocol (FTP) contains a number of mechanisms that can be used to compromise network security. The FTP specification allows a client to instruct a server to transfer a file to a third machine. This "third-party" mechanism, known as "proxy FTP", causes a well-known security problem. The FTP specification also allows an unlimited number of attempts at entering a user's password, which permits brute-force "password guessing" attacks. This document provides suggestions for system administrators and FTP server implementers to reduce the security problems associated with FTP.
1. Introduction
2. Bounce Attack
3. Protecting Against the Bounce Attack
4. Restricted Access
5. Protecting Passwords
6. Privacy
7. Protecting Usernames
8. Port Stealing
9. Software-Based Security Problems
10. Conclusion
11. Security Considerations
1. Introduction
The File Transfer Protocol specification (FTP) [PR85] provides a mechanism that allows a client to establish an FTP control connection and transfer a file between two FTP servers. This "proxy FTP" mechanism can be used to reduce the amount of traffic on the network: the client instructs one server to transfer a file directly to another server, rather than transferring the file from the first server to the client and then from the client to the second server. This is particularly useful when the client is connected to the network over a slow link. However, proxy FTP also creates a security problem known as the "bounce attack" [CERT97:27]. In addition, attackers can use FTP servers to mount password-guessing attacks.
This document does not consider the use of FTP together with strong security protocols such as IP Security. Although those concerns are beyond the scope of this document, they should also be documented.
This document provides information for FTP server implementers and system administrators, organized as follows. Section 2 describes the FTP "bounce attack". Section 3 provides suggestions for minimizing the bounce attack. Section 4 provides suggestions for servers that restrict access based on network address. Section 5 provides suggestions for limiting brute-force "password guessing" by clients. Section 6 briefly discusses mechanisms for improving privacy. Section 7 provides a mechanism to prevent user identities from being guessed. Section 8 discusses port stealing. Finally, Section 9 discusses other FTP security issues that arise from software bugs rather than from the protocol itself.
2. Bounce Attack
The FTP specification in RFC 959 [PR85] provides a mechanism for attacking well-known network servers while making the attacker difficult to track. The attacker sends an FTP "PORT" command to the target FTP server that contains the network address and port number of the machine and service being attacked. The client can then instruct the FTP server to send a file to the service under attack. Such a file may contain commands relevant to the attacked service (SMTP, NNTP, and so on). Because a third party is instructed to connect to the service, rather than the attacker connecting directly, the attacker is hard to track down and network-address-based access restrictions are bypassed.
For example, a client uploads a file containing SMTP commands to the FTP server. Then, using an appropriate PORT command, the client instructs the server to open a connection to the SMTP port of a third machine. Finally, the client instructs the server to transfer the uploaded file containing the SMTP commands to the third machine. In this way, the client forges mail on the third machine without ever establishing a direct connection to it, and the attacker is difficult to trace.
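The bounce attack above works only because the server accepts a PORT command naming any host. The following server-side check is an added example written for this translation; it is not code from RFC 2577 or from any FTP implementation. It parses the RFC 959 PORT argument ("h1,h2,h3,h4,p1,p2") and accepts the data connection only when the requested address is the control connection's own peer, which is the mitigation that Section 3 refers to. The function names and the additional refusal of ports below 1024 are assumptions of this example; the port limit keeps a server from being aimed at well-known services such as SMTP or NNTP even when the address does match.

```python
"""Server-side validation of FTP PORT commands against bounce attacks.

Added example (not part of RFC 2577 or its translation). It decodes the
PORT argument from RFC 959 and rejects any data-connection target that is
not the control connection's peer. The privileged-port rule is an
assumption of this example, not a requirement stated on the page.
"""
import ipaddress
from typing import Tuple

PRIVILEGED_PORT_LIMIT = 1024  # assumption: refuse data connections to well-known service ports


def parse_port_argument(arg: str) -> Tuple[str, int]:
    """Decode 'h1,h2,h3,h4,p1,p2' into (dotted_ip, port).

    Raises ValueError on malformed input so the caller can answer with a
    501 syntax-error reply instead of guessing at the intended target.
    """
    fields = arg.strip().split(",")
    if len(fields) != 6:
        raise ValueError("PORT argument must have exactly six fields")
    try:
        values = [int(f) for f in fields]
    except ValueError:
        raise ValueError("PORT argument fields must be decimal integers") from None
    if any(v < 0 or v > 255 for v in values):
        raise ValueError("PORT argument fields must be in 0..255")
    host = ".".join(str(v) for v in values[:4])
    port = values[4] * 256 + values[5]
    return host, port


def check_port_command(arg: str, control_peer_ip: str) -> Tuple[bool, str]:
    """Return (accepted, reply_line) for a PORT command received on a
    control connection whose remote address is control_peer_ip."""
    try:
        host, port = parse_port_argument(arg)
    except ValueError as exc:
        return False, f"501 Syntax error in parameters: {exc}"
    if port == 0:
        return False, "501 Data port 0 is not allowed"
    if ipaddress.ip_address(host) != ipaddress.ip_address(control_peer_ip):
        # Core mitigation: the data connection must go back to the client
        # itself, never to a third machine the client names.
        return False, "500 Illegal PORT command: address does not match control connection"
    if port < PRIVILEGED_PORT_LIMIT:
        # Assumption of this example: even the client's own privileged
        # ports are off limits, so the server cannot be used as a relay
        # into a service listening there.
        return False, "500 Illegal PORT command: privileged port"
    return True, f"200 PORT command successful ({host}:{port})"


if __name__ == "__main__":
    # Constructed sample: a control connection from 192.0.2.10 issues a
    # legitimate PORT to itself, then a bounce attempt naming a different
    # host's SMTP port, a privileged port on itself, and a malformed argument.
    peer = "192.0.2.10"
    for cmd in ("192,0,2,10,4,1", "198,51,100,7,0,25", "192,0,2,10,0,80", "1,2,3"):
        ok, reply = check_port_command(cmd, peer)
        print(f"PORT {cmd:<20} -> {'accept' if ok else 'reject'}: {reply}")
```

In a real server the peer address comes from the control socket (`getpeername`), and the same comparison should be applied to the IPv6 EPRT form of the command; logging each rejected PORT with the requested target gives operators a direct signal that someone is probing the server as a bounce relay.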