Watch for FTP Attacks

As we posted to WatchDog last week, more and more attacks against FTP implementations are likely in the coming weeks. We noticed the release of a new GUI FTP fuzzer and so far it appears to be getting heavy use to find new vulnerabilities in several FTP servers, both commercial and shareware/freeware/open source. New FTP vulnerabilities and exploits are starting to emerge and are very likely to continue.

Admins of FTP servers should pay careful attention to their logs and their vendor information sources for new vulnerabilities and patches. It might also be a good time to make sure you have proper IDS/IPS coverage for all of your FTP servers and network drops.

As new fuzzers get developed and released, we think this might be an interesting precursor to vulnerability patterns. Let us know if you see anything interesting!

This entry was posted in General InfoSec by Brent Huston. Bookmark the permalink.

About Brent Huston

I am the CEO of MicroSolved, Inc. and a security evangelist. I have spent the last 20+ years working to make the Internet safer for everyone on a global scale. I believe the Internet has the capability to contribute to the next great leap for mankind, and I want to help make that happen!

Leave a Reply