FTP:被遗忘的云

2016 46th Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN) Pub Date : 2016-06-01 DOI:10.1109/DSN.2016.52

Drew Springall, Z. Durumeric, J. A. Halderman

{"title":"FTP:被遗忘的云","authors":"Drew Springall, Z. Durumeric, J. A. Halderman","doi":"10.1109/DSN.2016.52","DOIUrl":null,"url":null,"abstract":"Once pervasive, the File Transfer Protocol (FTP) has been largely supplanted by HTTP, SCP, and BitTorrent for transferring data between hosts. Yet, in a comprehensive analysis of the FTP ecosystem as of 2015, we find that there are still more than 13~million FTP servers in the IPv4 address space, 1.1~million of which allow \"anonymous\" (public) access. These anonymous FTP servers leak sensitive information, such as tax documents and cryptographic secrets. More than 20,000 FTP servers allow public write access, which has facilitated malicious actors' use of free storage as well as malware deployment and click-fraud attacks. We further investigate real-world attacks by deploying eight FTP honeypots, shedding light on how attackers are abusing and exploiting vulnerable servers. We conclude with lessons and recommendations for securing FTP.","PeriodicalId":102292,"journal":{"name":"2016 46th Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN)","volume":"1 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2016-06-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"22","resultStr":"{\"title\":\"FTP: The Forgotten Cloud\",\"authors\":\"Drew Springall, Z. Durumeric, J. A. Halderman\",\"doi\":\"10.1109/DSN.2016.52\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Once pervasive, the File Transfer Protocol (FTP) has been largely supplanted by HTTP, SCP, and BitTorrent for transferring data between hosts. Yet, in a comprehensive analysis of the FTP ecosystem as of 2015, we find that there are still more than 13~million FTP servers in the IPv4 address space, 1.1~million of which allow \\\"anonymous\\\" (public) access. These anonymous FTP servers leak sensitive information, such as tax documents and cryptographic secrets. More than 20,000 FTP servers allow public write access, which has facilitated malicious actors' use of free storage as well as malware deployment and click-fraud attacks. We further investigate real-world attacks by deploying eight FTP honeypots, shedding light on how attackers are abusing and exploiting vulnerable servers. We conclude with lessons and recommendations for securing FTP.\",\"PeriodicalId\":102292,\"journal\":{\"name\":\"2016 46th Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN)\",\"volume\":\"1 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2016-06-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"22\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2016 46th Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/DSN.2016.52\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2016 46th Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/DSN.2016.52","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 22

摘要

文件传输协议(FTP)一旦普及，就在很大程度上被HTTP、SCP和BitTorrent所取代，用于在主机之间传输数据。然而，综合分析截至2015年的FTP生态系统，我们发现IPv4地址空间中仍有1300多万台FTP服务器，其中110多万台允许“匿名”(公共)访问。这些匿名FTP服务器泄露敏感信息，如税务文件和加密秘密。超过20,000个FTP服务器允许公共写访问，这为恶意行为者使用免费存储以及恶意软件部署和点击欺诈攻击提供了便利。我们通过部署8个FTP蜜罐进一步调查现实世界的攻击，揭示攻击者如何滥用和利用易受攻击的服务器。最后，我们给出了保护FTP的经验教训和建议。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文

微信好友朋友圈 QQ好友复制链接

本刊更多论文

FTP: The Forgotten Cloud

Once pervasive, the File Transfer Protocol (FTP) has been largely supplanted by HTTP, SCP, and BitTorrent for transferring data between hosts. Yet, in a comprehensive analysis of the FTP ecosystem as of 2015, we find that there are still more than 13~million FTP servers in the IPv4 address space, 1.1~million of which allow "anonymous" (public) access. These anonymous FTP servers leak sensitive information, such as tax documents and cryptographic secrets. More than 20,000 FTP servers allow public write access, which has facilitated malicious actors' use of free storage as well as malware deployment and click-fraud attacks. We further investigate real-world attacks by deploying eight FTP honeypots, shedding light on how attackers are abusing and exploiting vulnerable servers. We conclude with lessons and recommendations for securing FTP.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

2016 46th Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN)

自引率

0.00%

发文量

期刊最新文献

ELZAR: Triple Modular Redundancy Using Intel AVX (Practical Experience Report) DomainProfiler: Discovering Domain Names Abused in Future OSIRIS: Efficient and Consistent Recovery of Compartmentalized Operating Systems HSFI: Accurate Fault Injection Scalable to Large Code Bases Secure and Efficient Multi-Variant Execution Using Hardware-Assisted Process Virtualization