# FTP exploit going around?



## Pushrod (Dec 12, 2010)

Many years ago (at least three), I made a perl script that listens for an incoming TCP connection on a given port, and then closes any incoming connections to it, and sends an email to me to notify me of the connection attempt.

I have two copies running, one on port 21 (ftp) and another on port 23. Lately, the ftp one has been getting a ton of connections. Is there an ftp exploit going around these days?

Better yet, does anyone even use FTP anymore other than for anonymous access?


----------



## wblock@ (Dec 12, 2010)

Yes, there was a problem: https://forums.freebsd.org/showthread.php?t=19849


----------



## Pushrod (Dec 12, 2010)

Case closed I guess!


----------



## SirDice (Dec 13, 2010)

Besides the backdoored proftpd there are a ton of bruteforces going around. They are looking for accounts with simple to guess passwords. You will get the same kind of bruteforce hammering on your SSH service. Unless you want your mailbox flooded, I'd just block the stuff and forget about it.


----------



## Dereckson (Dec 13, 2010)

Pushrod said:
			
		

> Better yet, does anyone even use FTP anymore other than for anonymous access?



No, even in 2003 when I had a webhosting company. We successfully educated our clients about security and provided them a tutorial on how to use SFTP instead FTP with Filezilla. As the only stuff real difference is to add a 22 in the port field, that didn't change a lot for them.


----------



## Deleted member 9563 (Dec 13, 2010)

Pushrod said:
			
		

> Better yet, does anyone even use FTP anymore other than for anonymous access?



I suppose for professional use there are issues. However for home use it rocks for communication between all the machines in the house. It's especially good between different operating systems because it works well on anything and is simple to use and very small. so, yes.


----------

