FTP Server and File Sharing Security

How do FTP attacks happen?

Brute-Force Method

FTP attacks are usually done through password attempts. Bots prepared by the attacker generate random passwords and try until they reach a result. These bots can be dozens or even thousands, coming from different servers and IP addresses. You can make the attacker's job harder by using complex and random passwords or changing the default FTP port. Even if these measures are taken, the attacker can perform port scanning to find the active FTP port again and perform the trial process again. Even if the attacker cannot access the password and infiltrate the server, your server is busy processing requests from more attackers rather than providing service to you, which causes unnecessary resource consumption and log creation. If the attacker infiltrates the server, worse scenarios such as data deletion or leaving ransom software inside the server may occur.

Zero-Day Yöntemi

Zero-Day (sıfırıncı gün açıkları), ilgili zaafiyet bildirilene veya gerçekleşene kadar tespit edilmesi oldukça zor olan güvenlik açıklarıdır. Sunucunuzun üzerinde çalışan FTP gibi servislerin versiyon ve port numaralarının gizlenmesi bu nedenle çok önemlidir. Shodan gibi servisler veya Nmap gibi yazılımlar kullanılarak, port ve versiyon tespitleri yapılıp kullanılan versiyonda herhangi bir zaafiyet olması durumunda, salgırdan sunucunuza sızabilir.

Anonymous Login Attack

If FTP is incorrectly configured, leaving anonymous access open can allow attackers to access your data. If the FTP port is open to the entire internet, this incorrect configuration can be used by attackers.

By using Protect Remote, the attacker will not have a chance to attack a place they cannot access because only users who are permitted will be able to access the FTP service on your server. All FTP attacks by bots will be immediately terminated when you activate the relevant security.