You work as the security administrator at Certpaper .com. You are investigating the consequences
of networks attacks aimed at FTP servers. Which of the following states the aim of a FTP (File
Transfer Protocol) bounce attack?
A.
The attack aims to store and distribute malicious code.
B.
The attack aims to exploita buffer overflow vulnerability on the FTP server.
C.
The attack aims to establish a connection between the FTP server and another computer.
D.
The attack aims to reboot the FTP server.
Explanation:
In some implementations of FTP daemons, the PORT command can be misused to open a
connection to a port of the attacker’s choosing on a machine that the attacker could not have
accessed directly. There have been ongoing discussions about this problem (called “FTP bounce”)
for several years, and some vendors have developed solutions for this problem.
For more detailed information on this FTP Bounce attack refer to the hyperlink.
Reference:
http://www.cert.org/advisories/CA-1997-27.html