7.1 Reflection Journal - Foren-Ken/tech-journal GitHub Wiki

Mistakes: FTP Misconfiguration and FTP Vulnerabilities; HTTP Misconfiguration and Vulnerabilities

Issue? The FTP misconfiguration was caused by multiple items:

  1. The FTP server was accessible by utilizing an Anonymous user. This allowed anyone to log in without credentials to view the items in the FTP Server.
  2. The Anonymous user had a directory to upload information to. This allowed the simple backdoor to be uploaded for the lab.
  3. The directory which allowed for items to be uploaded was the root directory for the HTTP server. This allowed anything which was uploaded to be accessible via HTTP.

The Fix:

  1. Do not allow anonymous users to access the server. Anonymous access is a major issue since it gives attackers more surface to look for vulnerabilities. It can be prevented by removing the anonymous user functionality.
  2. If the anonymous user must be used, restrict it so that it can only upload, with no ability to change directory or list the contents of a directory.
  3. Ensure that the directories for HTTP and FTP do not overlap. This requires that the FTP root directory and the HTTP root directory each sit in their own separate area.
  4. Use add-ons for the HTTP service to check the HTTP methods.
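
The first three fixes can be checked automatically. The script below is an added example, not part of the original journal or lab: it audits an FTP config for the three issues listed above, assuming the server is vsftpd (the journal does not name the FTP software) and that the web root is `/var/www/html`. The sample configs are constructed.

```python
from pathlib import PurePosixPath

# vsftpd built-in defaults for the options checked here (vsftpd.conf(5)).
DEFAULTS = {"anonymous_enable": "YES", "write_enable": "NO",
            "anon_upload_enable": "NO", "dirlist_enable": "YES"}

def parse_conf(text):
    """Parse key=value lines; lines starting with '#' are comments."""
    opts = dict(DEFAULTS)
    for line in text.splitlines():
        line = line.strip()
        if line and not line.startswith("#") and "=" in line:
            key, value = line.split("=", 1)
            opts[key.strip()] = value.strip()
    return opts

def overlaps(a, b):  # True if the paths are equal or one contains the other
    a, b = PurePosixPath(a), PurePosixPath(b)
    return a == b or a in b.parents or b in a.parents

def audit(conf_text, web_root):
    """Return findings matching the journal's three FTP issues."""
    opts = parse_conf(conf_text)
    on = lambda key: opts[key].upper() in ("YES", "TRUE", "1")
    if not on("anonymous_enable"):
        return []                      # fix 1 applied
    findings = ["anonymous login enabled"]
    if on("write_enable") and on("anon_upload_enable"):
        findings.append("anonymous upload enabled")
        if on("dirlist_enable"):       # fix 2: upload-only, no listing
            findings.append("directory listing enabled alongside upload")
    if (root := opts.get("anon_root")) and overlaps(root, web_root):
        findings.append("FTP root overlaps HTTP root")   # fix 3
    return findings

WEB_ROOT = "/var/www/html"             # assumed web root, not from the page
# Constructed sample configs (not taken from the lab machine).
LAB_CONF = """anonymous_enable=YES
write_enable=YES
anon_upload_enable=YES
anon_root=/var/www/html
"""
DROPBOX_CONF = """anonymous_enable=YES
write_enable=YES
anon_upload_enable=YES
dirlist_enable=NO
anon_root=/srv/ftp/incoming
"""
print(audit(LAB_CONF, WEB_ROOT))
```

`LAB_CONF` mirrors the state described in the issue list and produces all four findings; `DROPBOX_CONF` is the upload-only layout from fix 2 and still reports that anonymous login and upload are on.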