Vulnerability Development mailing list archives
Spoofed FTP connections
From: johnscimone () HOTMAIL COM (John Scimone)
Date: Sun, 25 Jun 2000 22:31:31 -0000
When setting up a windows based ftp server yesterday I noticed the option to enable ip checking for certain accounts. What I was wondering is whether any ftp servers that use this feature are vulnerable to spoofed packets of a legitimate user telling the server to accept a connect from another computer(the client sending the spoofed packets), because isn't the forwarding allowed on most sites because thats what FXP does to enable FTP to FTP transfers? Combining the spoofed packets and the forwarded connection type option couldn't a client avoid ip based authentication? Also if this is possible has anyone written an FTP client yet that performs this? This is totally theoretical and I'm sure I'm probably missing something which makes this impractical, but any replys are welcome.
Current thread:
- Re: Another new worm???, (continued)
- Re: Another new worm??? Jason Legate (Jun 22)
- Red Hat 6.2's ftp segmentation fault Paulo Ribeiro (Jun 22)
- Re: Red Hat 6.2's ftp segmentation fault Osvaldo J. Filho (Jun 23)
- Re: Red Hat 6.2's ftp segmentation fault Michal Zalewski (Jun 23)
- Re: Red Hat 6.2's ftp segmentation fault Jeff Bachtel (Jun 23)
- Re: Red Hat 6.2's ftp segmentation fault Philip Rowlands (Jun 23)
- Re: Red Hat 6.2's ftp segmentation fault Bluefish (Jun 24)
- Re: Red Hat 6.2's ftp segmentation fault Jim Kinney (Jun 24)
- Re: Red Hat 6.2's ftp segmentation fault Blue Boar (Jun 24)
- Different attack vector - PXE-2.0 protocol Ollie Whitehouse (Jun 25)
- Spoofed FTP connections John Scimone (Jun 25)
- Re: Red Hat 6.2's ftp segmentation fault Jason Storm (Jun 24)
- Keyboard recording Martin M Samson (Jun 21)
- Re: Another new worm??? Blue Boar (Jun 21)
- Re: Another new worm??? Steve Mosher (Jun 22)
- disclosure and risk to list subscribers (Re: Another new worm???) Mark Rafn (Jun 22)