PG1X WIKI

My Knowledge Base

User Tools

Site Tools


tech:infra:ftp:ftp

FTP

Fundamentals

  • ubuntu-0
ftp 198.51.100.253
  • ubuntu-1
sudo apt install vsftpd
systemctl status vsftpd.service
  • FTP commands(Active Mode)
passive off
cd /etc
dir
get machine-id
quit
  • FTP commands(Passive Mode)
passive
cd /etc
dir
get vsftpd.conf
quit
  • FTP active mode port decision
PORT 10,1,1,254,191,147\r\n
191 * 256 + 147 = 49043
  • FTP passive mode port decision
PASV\r\n
227 Entering Passive Mode (198,51,100,253,182,46).\r\n
182 * 256 + 46 = 46638
  • Wireshark Display Filter
ftp || ftp-data || tcp.port in {20 21}

Wireshark Packet Capture Result

ubuntu-0 Console Log

Security Considerations

  1. You need consider that implement SPI (Stateful Packet Inspection) or CBAC (Context-Based Access Control) security especially FTP active mode.
  2. In Linux environment, nf_conntrack_ftp netfilter kernel module you need to load for iptables.

References

tech/infra/ftp/ftp.txt · Last modified: 2020/10/25 16:35 by wnoguchi