Re: Transfer files open shares vs ftp

From: H C (keydet89@yahoo.com)
Date: 03/04/02


Date: Mon, 4 Mar 2002 12:40:57 -0800 (PST)
From: H C <keydet89@yahoo.com>
To: pen test <pentestlist@hotmail.com>, focus-ms@securityfocus.com


> Ok, here is the problem. There is an NT 4.0 server
> running IIS web service
> and ftp service. The network is firewalled and all
> that.

How about a VPN of some sort? You didn't say what the
firewall is, but maybe there is a way to VPN it.

Here are a couple of things to think about:

1. NetBIOS transfers allow the transfer of alternate
data streams.

2. FTP transfers authentication in the clear, but
logging is much better and easier to understand...if
you do it and monitor the logs.

3. The F/W can be used to restrict IP addresses for
either service.

4. If you're worried about someone sniffing the
traffic and capturing the FTP authentication, then
you've got other things to worry about! After all,
there are no recorded incidents to date of someone
'hacking' an Internet backbone router and sniffing
traffic. However, this happens on LANs quite often.
Therefore, the LAN at either end of the connection
would be suspect.
