Re: Mitigate FTP

["David Glosser" <david.glosser () gmail com>]

how about using something like moveit (http://www.ipswitchft.com/)?

Clients still use ftp but then the file itself is transferred to your
actual ftp server?


On Mon, Oct 13, 2008 at 9:46 PM, Sarah Wahl <scwahl () gmail com> wrote:
> Hi All,
>   I am working with a company who is using FTP and cannot switch to a
> better protocol.  They have been seeing attacks which are most likely
> coming from one person.  The attacker is using four different IPs
> (ARIN shows them to be coming from mexico, canada and the US) with the
> same brute force attack.  They are trying to guess user names using a
> tool (don't know why they aren't just trying to sniff traffic). I have
> suggested putting in a honey pot to try and catch the attacker and
> they have locked down the service as best as possible given the fact
> they are still having to use FTP.  It is being run on IIS 6.0. The
> attacker can't get through the firewall, so no damage so far.  Do you
> have any other suggestions for trying to catch the attacker and any
> other mitigations? Any ideas would be greatly appreciated.
>
> Thank you very much,
> Sarah
>
> ------------------------------------------------------------------------
> This list is sponsored by: Cenzic
>
> Security Trends Report from Cenzic
> Stay Ahead of the Hacker Curve!
> Get the latest Q2 2008 Trends Report now
>
> www.cenzic.com/landing/trends-report
> ------------------------------------------------------------------------

------------------------------------------------------------------------
This list is sponsored by: Cenzic

Security Trends Report from Cenzic
Stay Ahead of the Hacker Curve!
Get the latest Q2 2008 Trends Report now

www.cenzic.com/landing/trends-report
------------------------------------------------------------------------