FTP bounce attack is an exploit of the FTP protocol whereby an attacker is able to use the PORT command to request access to ports indirectly through the use of the victim machine as a middle man for the request.
This technique can be used to port scan hosts discreetly, and to access specific ports that the attacker cannot access through a direct connection.
nmap is a port scanner that can utilize an FTP bounce attack to scan other servers.
Nearly all modern FTP server programs are configured by default to refuse PORT commands that would connect to any host but the originating host, thwarting FTP bounce attacks.
Famous quotes containing the words bounce and/or attack:
“Trade and commerce, if they were not made of India-rubber, would never manage to bounce over the obstacles which legislators are continually putting in their way; and, if one were to judge these men wholly by the effects of their actions and not partly by their intentions, they would deserve to be classed and punished with those mischievous persons who put obstructions on the railroads.”
—Henry David Thoreau (1817–1862)
“Adolescents swing from euphoric self-confidence and a kind of narcissistic strength in which they feel invulnerable and even immortal, to despair, self-emptiness, self-deprecation. At the same time they seem to see an emerging self that is unique and wonderful, they suffer an intense envy which tears narcissism into shreds, and makes other people’s qualities hit them like an attack of lasers.”
—Terri Apter (20th century)