ftp bounce attack
Options
Accepted Solution
-
The bounce attack occurred when ALG FTP is enabled.NAT works with ALG FTP, and client must set PASV mode.Enable ALG FTP DISABLE ALG FTPPASV ok failACTIVE fail failWhen ftp client select Active mode, client selects an IP and port to transfer data.ZyWALL by default detects bounce attack and drop this packet.Hence, make sure the ftp client is PASV mode.5
All Replies
-
Just curious that the log message will display on USG when your local PC which behind USG try to access FTP?
The FTP bounce attack is an exploit of the FTP protocol. Here is more detail.
http://www.securityfocus.com/advisories/174
0 -
Yes, the error display, when local user try to connect remote ftp. And the connection does not occur.
I did this rule for all lan ip, and part of PC connect, other part falls with subject error.0 -
The bounce attack occurred when ALG FTP is enabled.NAT works with ALG FTP, and client must set PASV mode.Enable ALG FTP DISABLE ALG FTPPASV ok failACTIVE fail failWhen ftp client select Active mode, client selects an IP and port to transfer data.ZyWALL by default detects bounce attack and drop this packet.Hence, make sure the ftp client is PASV mode.5
Categories
- All Categories
- 384 Beta Program
- 2.1K Nebula
- 117 Nebula Ideas
- 80 Nebula Status and Incidents
- 5.1K Security
- 78 USG FLEX H Series
- 247 Security Ideas
- 1.3K Switch
- 69 Switch Ideas
- 909 WirelessLAN
- 34 WLAN Ideas
- 5.9K Consumer Product
- 209 Service & License
- 335 News and Release
- 71 Security Advisories
- 21 Education Center
- 5 [Campaign] Zyxel Network Detective
- 1.9K FAQ
- 898 Nebula FAQ
- 415 Security FAQ
- 234 Switch FAQ
- 205 WirelessLAN FAQ
- 46 Consumer Product FAQ
- 137 Service & License FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 73 About Community
- 62 Security Highlight