File Transfer Protocol (FTP): 20, 21
Security Weaknesses
Transmits data, including credentials, in plaintext, making it vulnerable to sniffing.
FTP bounce attacks can use the protocol to scan ports or launch attacks from a compromised server.
Lacks built-in encryption or authentication mechanisms.
Security Defense and Mitigation Measures
Replace FTP with secure alternatives like FTPS or SFTP.
Disable anonymous access and enforce strong passwords.
Restrict FTP access to specific IP ranges using a firewall.
Monitor logs for unusual activity.
Indicators of Compromise or Attack
Unusual file uploads or downloads.
High volumes of traffic on port 21 (TCP).
Unencrypted credentials visible in network captures.
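The log-monitoring step and the indicators above can be checked against captured control-channel commands. The following sketch is an added example, not part of the original page: it flags anonymous logins, cleartext PASS commands, and PORT commands that point the server at a third-party address, which is the mechanism behind FTP bounce. The session data and finding names are constructed for illustration.

```python
import re

# Constructed sample: (control-connection peer IP, FTP command seen on port 21).
SAMPLE_SESSION = [
    ("203.0.113.7", "USER anonymous"),
    ("203.0.113.7", "PASS guest@example.com"),
    ("203.0.113.7", "PORT 203,0,113,7,195,80"),
    ("203.0.113.7", "PORT 10,0,0,5,0,22"),
    ("198.51.100.4", "PASS s3cret"),
]

PORT_RE = re.compile(r"^PORT\s+" + r",".join([r"(\d{1,3})"] * 6) + r"\s*$", re.I)


def parse_port(line):
    """Return (ip, port) from a PORT command, or None if it is not a valid one."""
    m = PORT_RE.match(line)
    if not m:
        return None
    nums = [int(g) for g in m.groups()]
    if any(n > 255 for n in nums):
        return None
    return ".".join(map(str, nums[:4])), nums[4] * 256 + nums[5]


def findings(session):
    """Return (peer_ip, finding) tuples; passwords are never copied into findings."""
    out = []
    for peer, line in session:
        verb, _, arg = line.strip().partition(" ")
        verb = verb.upper()
        if verb == "USER" and arg.strip().lower() in ("anonymous", "ftp"):
            out.append((peer, "anonymous-login"))
        elif verb == "PASS":
            out.append((peer, "plaintext-credentials"))
        elif verb == "PORT":
            target = parse_port(line.strip())
            if target is None:
                out.append((peer, "malformed-port"))
            elif target[0] != peer:
                # Data connection aimed at a host other than the client itself.
                out.append((peer, f"bounce-candidate {target[0]}:{target[1]}"))
            elif target[1] < 1024:
                out.append((peer, f"privileged-port {target[1]}"))
    return out


if __name__ == "__main__":
    for peer, what in findings(SAMPLE_SESSION):
        print(peer, what)
```

Clients behind NAT can legitimately announce a PORT address that differs from the peer address the server sees, so treat a bounce-candidate finding as a lead to correlate with other logs, not a verdict.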