Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

ftp question


  • Please log in to reply

#1
Andybikecrazy

Andybikecrazy

    Member

  • Member
  • PipPip
  • 75 posts
I am not sure if I got this in the right topic or not....

I set up Serve-U In order for it to work I had to forward port 21 in my router settings. I just ran a firewall test and got the following message.

Type Port Services, Programs and Trojans that are commonly found to be running on this port.
tcp 21 This is the FTP service control port. Firewall rules focus on this port; then open port 20 only when required for a data transfer. Security Concerns with FTP: Cleartext; re-usable passwords. - Portal for user account grinding. - FTP Bounce; where attacker uses ftp's "port" command to redirect the FTP transfer to a port & IP other than default port 20 on the FTP server. Attacks can include "bouncing" internal network scans; email forging/flooding; etc. CERT Advisories: CA-97.16; CA-99.13. Disable this service on non-FTP servers. Open at perimeter only with static route to internal FTP server(s).
Trojans or Viruses known to use this port are: Back Construction. BladeRunner. Cattivik FTP Server. CC Invader. Dark FTP. Doly Trojan. Fore. FreddyK. Invisible FTP. Juggernaut 42. Larva. MotIv FTP. Net Administrator. Ramen. RTB 666. Senna Spy FTP server. The Flu. Traitor 21. WebEx. WinCrash.


Is it safe to leave this port open?

Edited by Andybikecrazy, 02 November 2005 - 07:04 PM.

  • 0

Advertisements


#2
Michael

Michael

    Retired Staff

  • Retired Staff
  • 1,869 posts
Personaly I am not over fanaticl about open ports, sure most of mine are closed because of I have a hardware and software firewall. But those left open like ports 21 and 80 I would not worry too much about. If you realy don\'t what to get infected that much pull your internet cable out of your computer.
  • 0

#3
Thef0rce

Thef0rce

    Member

  • Member
  • PipPipPip
  • 380 posts
it looks like a good ftp server so there must be a way to set it up so it prevents people from logging in as 'anonymous' and accessing everything that way. as long as you have some kind of password on it, should be fine. and keep it updated.
  • 0

#4
dsenette

dsenette

    Je suis Napoléon!

  • Administrator
  • 26,019 posts
  • MVP
i agree with the force....if you can set it up to where it blocks anonymous login then it should be ok....you can also just close the port when not in use...
  • 0

#5
Andybikecrazy

Andybikecrazy

    Member

  • Topic Starter
  • Member
  • PipPip
  • 75 posts
a username and password are required to log into my serve-u ftp server. So that means anonymous logins are blocked right?
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP