Nmap Development mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Sounds like ftp-anon needs work?

From: SM <sm () resistor net>
Date: Sun, 23 May 2010 09:35:24 -0700
At 09:48 22-05-10, Gutek wrote:

According to the RFC640 and to summarize, here is the logon sequence
with commands and (first) their respective positive replies, followed by
the negative ones.


That would be RFC 959.


So if the script would deal with the ACCT-case it should check for a 332
at both USER stage and PASS stage (and another one I'll speak about later).



  "If account information is NOT required for login, the reply
   to a successful PASSword command is 230; and if the account
   information is needed for a command issued later in the
   dialogue, the server should return a 332 or 532 reply
   depending on whether it stores (pending receipt of the
   ACCounT command) or discards the command, respectively."

Regards,
-sm


_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/
Previous By Date Next
Previous By Thread Next

Current thread: