Mark Allman

Mark Allman / ICSI

@mallman_icsi

Updated on Oct 27, 2020

Home Contact Information Schedule

Papers Talks Software Data Projects

Teaching Students

Professional Activities Group Blog

Fun and Trivia

Mark Allman, Shawn Ostermann. FTP Security Considerations, May 1999. RFC 2577.
Status: Informational.
TXT | Errata
Abstract:

The specification for the File Transfer Protocol (FTP) contains a number of mechanisms that can be used to compromise network security. The FTP specification allows a client to instruct a server to transfer files to a third machine. This third-party mechanism, known as proxy FTP, causes a well known security problem. The FTP specification also allows an unlimited number of attempts at entering a user's password. This allows brute force "password guessing" attacks. This document provides suggestions for system administrators and those implementing FTP servers that will decrease the security problems associated with FTP.

BibTeX:
@misc{AO99,
    author =        "Mark Allman and Shawn Ostermann",
    title  =        "{FTP Security Considerations}",
    year   =        1999,
    month  =        may,
    note   =        "RFC 2577",
}

PRINT NOTHING

"We are what we repeatedly do. Excellence, then, is not an act, but a habit." --Aristotle