Search /
Docfinder:
Advanced search  |  Help  |  Site map
RESEARCH CENTERS
SITE RESOURCES
Click for Layer 8! No, really, click NOW!
Networking for Small Business
TODAY'S NEWS
Applications /

Revealing FTP services

Gearhead archive By Mark Gibbs
Network World, 08/27/01

So last week we threatened you with the truth about the "SITE" command. This command may seem innocuous - it returns information about the server. Exactly what information is returned depends on the server implementation, and the easiest way to check out what a specific FTP server will tell you is to telnet to Port 21 on the target server and issue a "SITE" command:

220 ftp.someserver.com ready. Unauthorized access prohibited.
USER ANONYMOUS
331 Guest login ok, send your complete e-mail address as password.
PASS ANON@ANON.COM
230 Guest login ok, access restrictions apply.
SITE
500 'SITE': command not understood.

This server doesn't want to tell us anything. Issuing the system type command, "SYST," will tell us what they are running:

Advertisement:

SYST
215 UNIX Type: L8
And the status command, "STAT," will tell us about our session:
STAT
211-ftp.someserver.com FTP server status:
Version wu-2.6.0(2) Wed Feb 2811:35:54 PST 2001
Connected to somenet.net
(163.247.121.110)
Logged in anonymously
TYPE: ASCII, FORM:Nonprint;STRUcture: File; transfer MODE: Stream
No data connection
0 data bytes received in 0 files
0 data bytes transmitted in 0 files
0 data bytes total in 0 files
89 traffic bytes received in 0 transfers
1183 traffic bytes transmitted in 0 transfers
1322 traffic bytes total in 0 transfers
211 End of status

All of this really doesn't give anything away. But try the same thing on the FTP service on a Microsoft Internet Information Server (IIS) FTP system (in this case, Microsoft's):

220 CPMSFTFTPA05 Microsoft FTP Service (Version 5.0).
USER ANONYMOUS
331 Anonymous access allowed, send identity (e-mail name) as password.
PASS anon@anon.com
230-This is FTP.MICROSOFT.COM Please see the dirmap.txt
230-file for more information.
230 Anonymous user logged in.
SYST
215 Windows_NT Version 5.0
SITE STATS
200-ABOR : 21886

(Here are a lot of stats about how many times each command was used such as more than 21,000 aborts shown above and, although we haven't shown it, there were just over 128,000 login attempts since the server started.)

200 End of stats.

Basically, these kind of data give away a lot about the site's usage. If this were a competitor of yours running IIS, wouldn't you be interested to know how many FTP logons were attempted? And if it were your site, wouldn't you want to switch off delivery of such information? Guess what? You can't. Such is and always has been IIS. Perhaps you need another brand of FTP server.

Revealing comments to gearhead@gibbs.com.

RELATED LINKS

Comments and suggestions to gh@gibbs.com.

Gibbs Forum
The place to discuss Gibbs's columns.

Check out this week's edition of

Backspin for more musings from Gibbs.

Part 1: Intro to FTP
Network World, 7/23/01.

Part 2: The connection to the server is made
Network World, 7/30/01.

Part 3: Connection modes
Network World, 8/6/01.

Part 4: Let the transfers begin
Network World, 8/13/01.

Part 5: FTP server security
Network World, 8/20/01.


NWFusion offers more than 40 FREE technology-specific email newsletters in key network technology areas such as NSM, VPNs, Convergence, Security and more.
Click here to sign up!
New Event - WANs: Optimizing Your Network Now.
Hear from the experts about the innovations that are already starting to shake up the WAN world. Free Network World Technology Tour and Expo in Dallas, San Francisco, Washington DC, and New York.
Attend FREE
Your FREE Network World subscription will also include breaking news and information on wireless, storage, infrastructure, carriers and SPs, enterprise applications, videoconferencing, plus product reviews, technology insiders, management surveys and technology updates - GET IT NOW.
* HOME    * RESEARCH CENTERS     * NEWS     * EVENTS

Contact us | Terms of Service/Privacy | How to Advertise
Reprints and links | Partnerships | Subscribe to NW
About Network World, Inc.

Copyright, 1994-2006 Network World, Inc. All rights reserved.