Abwehren von Eindringlingen und böswilligen Mitarbeitern

FTP is a prime target for intruders as well as malicious employees and contractors. Tools and techniques used to gain access to FTP servers are widely shared even amongst amateur hackers. Tens of thousands of hackers have taken the time to create and upload instructional videos on how to attack FTP and post them on polular sites like YouTube. That these videos amass hundreds of thousands of views shows how popular FTP attacks are.
 
Some of the main rea­sons are:
  • FTP allows an intruder unlimited logon attempts
  • FTP is widespread use in every company, but without centralized management
  • Most enterprises are unaware of the proliferation of FTP in their network
  • The lack of awareness leads to a lack of monitoring tools to detect or prevent attacks
  • The risk of detection is minimal due to the lack of monitoring
  • New methods drastically reduce the number of attempts needed to obtain a password
FTP/​Armor detects attacks AND actively blocks the attacks in real-​time while alerting IT staff of the attack taking place.

Warum wächst die Bedrohung?

Most people expect their account to be locked after entering a number of invalid passwords in a row — whether it is when they log on to a computer or when theinsert their debit card into an ATM. Not so with FTP. A number of products to aid in automated FTP password hacking make use of the fact that FTP will allow users to enter invalid passwords literally for days without locking the account or alerting anyone. These tools are widely available on the internet, and the instructions on how to use them are even posted on YouTube and other video sharing sites.

FTP hacking tools typically offer two methods of attacks:

Dictionary-​based Attacks

While Brute Force Attacks are guaranteed to eventually discover the correct password, the downside is that the may run for a very long time. Attackers therefore often try another, far quicker method first: The Dictionary-​based Attack. With that approach, the attacker supplies the tool with a dictionary — a list of words to try as passwords in various combinations. These lists usually consist of human names, pet names, places, TV shows, etc. A sample list might be: ‘adam, Adam, apple, Apple, barbara, Barbara, chicago, Chicago, fido, Fido, house, House,’ etc. Should the Dictionary-​based attack fail to find the correct password, then the intruder would resort to the Brute Force Attack instead:

Brute Force Attacks

Brute force attacks let the attacker set a minimum and maximum password length, and the tool will connect to the FTP server and try all possible password combinations matching those criteria in a serial manner, e.g. from aaa to ZZZZZZZZ until it finds the correct password. Some FTP Servers (e.g. on z/​OS) do not support case-​sensitive passwords, which significantly increases the vulnerability to brute force attacks due to the reduced number of potential password combinations.

Möchten Sie mehr erfahren? Kontaktieren Sie uns!

Wenn Sie mehr erfahren möchten, eine Trial Version bekommen möchten oder eine Produktpräsentation, dann kontaktieren Sie uns einfach. Wir werden Ihnen so schnell wie möglich antworten.

The latest Products

Intelligent Routing Platform

IPBrick.IC

iPortalDoc

Follow Us

Facebook

 

Twitter

Google+

LinkedIn

Warum schützt meine Firewall mich nicht?

One of the most common mistakes made is to assume that only Internet-​facing FTP Servers need to be protected. The opposite is true. While a firewall is very helpful in keeping the vast majority of amateur hackers, college kids etc. out, firewalls have the following shortfalls:
 
✔ - Firewalls are no match for professional intruders. Email​based phishing scams and other techniques enable professional intruders to take control of computers on the corporate network despite firewalls being in place.
 
✔ - The advent of telecommuting and work-​from-​home days makes corporate devices easier to penetrate, especially when these devices are used by the family members of employees.
 
✔ - The rising practice of BYOD (Bring Your Own Device) — allowing employees to use personal devices for work purposes — reduces a corporation’s ability to install appropriate safeguards on devices attached to the corporate network.
 
✔ - Firewalls cannot protect against actions by malicious, disgruntled or misguided employees and contractors having legitimate access to the corporate network. In the recently released report ” Understand The State Of Data Security And Privacy: 2012 To 2013”, Industry Analyst Forrester Group estimates that about 33% of all cases of malicious data thefts are performed by insiders with legitimate access to the network.
 
Corporations therefore need a second layer of defense – protection against threats from inside the corporate network as well as outside intruders that have penetrated the firewall. Reliable protection can only be achieved by securing each system – especially servers holding sensitive data – as if there were no firewall at all.

Kontakt

Blue Sea Technology GmbH & Co. KG Beckumer Str. 152
59229 Ahlen

+49 (0) 2382 966 225
o.henning@blueseasoft.de