Vulnerability Development mailing list archives

Re: Spoofed FTP connections


From: mrousseau () LABCAL COM (Maxime Rousseau)
Date: Mon, 26 Jun 2000 10:47:56 -0400


If an illegitimate client is able to effectively establish an FTP
connection with your server using the legitimate client's IP, he sure
would be able to access it (provided he also has the password). This is
a likely scenario if the illegitimate client is on the same subnet as
the legitimate one and can sniff the returning packets easily. Such an
FTP client shouldn't be very hard to write using the (kickass) libnet
library.

I am uncertain about the need to combine this with FXP type transfers in
order to gain access. Maybe I'm totally missing the point.

M.

!  -----Original <Edited> Message-----
!  From: John Scimone
!  Subject: Spoofed FTP connections
!
!  When setting up a Windows based FTP server yesterday I
!  noticed the option to enable IP checking for certain
!  accounts.  What I was wondering is whether any FTP servers
!  that use this feature are vulnerable to spoofed packets of
!  a legitimate user telling the server to accept a connect
!  from another computer (the client sending the spoofed
!  packets), because isn't the forwarding allowed on most
!  sites because that's what FXP does to enable FTP to FTP
!  transfers?  Combining the spoofed packets and the forwarded
!  connection type option couldn't a client avoid IP based
!  authentication?  Also if this is possible has anyone
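
For the FXP half of the question, a server-side check that refuses a PORT command naming any host other than the control connection's peer, written as an added example that is not part of either post or of any FTP server's code. The function names and the `allow_fxp` switch are assumptions, and the addresses are constructed documentation-range values.

```python
import ipaddress


def parse_port_arg(arg):
    """Parse an RFC 959 PORT argument 'h1,h2,h3,h4,p1,p2' into (IPv4Address, port)."""
    parts = arg.strip().split(",")
    if len(parts) != 6 or not all(p.isascii() and p.isdigit() for p in parts):
        raise ValueError("malformed PORT argument")
    nums = [int(p) for p in parts]
    if any(n > 255 for n in nums):
        raise ValueError("octet out of range")
    host = ipaddress.IPv4Address(".".join(str(n) for n in nums[:4]))
    return host, nums[4] * 256 + nums[5]


def check_port_command(control_peer, arg, allow_fxp=False):
    """Decide whether the server should open the data connection PORT asks for.

    control_peer is the source address of the control connection as the
    server sees it. allow_fxp (hypothetical setting) models a site that
    permits server-to-server transfers and therefore third-party targets.
    """
    try:
        host, port = parse_port_arg(arg)
    except ValueError as exc:
        return False, str(exc)
    if port < 1024:
        # RFC 2577 advises against data connections to well-known ports.
        return False, "privileged port"
    if host != ipaddress.IPv4Address(control_peer) and not allow_fxp:
        return False, "third-party address"
    return True, "ok"


# Constructed PORT commands, all seen on a control connection from 192.0.2.10.
SAMPLES = [
    "192,0,2,10,19,137",    # data connection back to the same client
    "198,51,100,7,19,137",  # data connection redirected to another host
    "192,0,2,10,0,21",      # same client, but a well-known port
    "192,0,2,10,19",        # truncated argument
]

if __name__ == "__main__":
    for sample in SAMPLES:
        print(sample, check_port_command("192.0.2.10", sample))
```

The check trusts the control connection's source address, so it does not cover the same-subnet spoofing case described in the reply.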

