Hot Downloads

Welcome, Guest
Username: Password: Remember me

TOPIC: disabling ftp

disabling ftp 9 years 3 days ago #24176

  • sose
  • sose's Avatar
  • Offline
  • Honored Member
  • Posts: 813
  • Thank you received: 4
  • Karma: 3
how do I disable ftp after detecting an intrusion

still sose
sose
Network Engineer
analysethis.co/index.php/forum/index
The administrator has disabled public write access.

Re: disabling ftp 9 years 3 days ago #24179

  • Smurf
  • Smurf's Avatar
  • Offline
  • Moderator
  • Posts: 1390
  • Karma: 1
Is this something that you wanted to automate after some soft of Intrusion Detection is spotted ? What kind of intrusion are you talking about ?
Wayne Murphy
Firewall.cx Team Member
www.firewall.cx

Now working for a Security Company called Sec-1 Ltd in the UK, for any
Penetration Testing work visit www.sec-1.com or PM me for details.
The administrator has disabled public write access.

Re: disabling ftp 9 years 1 day ago #24203

  • sose
  • sose's Avatar
  • Offline
  • Honored Member
  • Posts: 813
  • Thank you received: 4
  • Karma: 3
ok

just h ow to disable ftp to sav e u they effort

you ' ve been helpful smurf


still sose
sose
Network Engineer
analysethis.co/index.php/forum/index
The administrator has disabled public write access.

Re: disabling ftp 9 years 22 hours ago #24206

  • Smurf
  • Smurf's Avatar
  • Offline
  • Moderator
  • Posts: 1390
  • Karma: 1
Whats your FTP running on ? Windows/Unix ?

Also, what firewalls do you have ?

You could disable it either at the perimiter using the firewall or on the FTP server itself.

It is best to block at the perimiter to stop the actual traffic hitting the ftp server in the first place.

Cheers
Wayne Murphy
Firewall.cx Team Member
www.firewall.cx

Now working for a Security Company called Sec-1 Ltd in the UK, for any
Penetration Testing work visit www.sec-1.com or PM me for details.
The administrator has disabled public write access.

Re: disabling ftp 9 years 15 hours ago #24214

  • ZiPPy
  • ZiPPy's Avatar
  • Offline
  • Expert Member
  • Posts: 500
  • Karma: 0
This scenario is still vary vague, and as Smurf has asked what exactly are we dealing with in regards to OS, firewall, IPS (open source, enterprise).

But in theory this is how I would do it –

First, you will need to find out if your IPS can detect an intrusion and have a script or batch file run. The IPS would then call that script or batch file which would send a command to shut down that ftp daemon or service.

OR

Many firewalls and IPS work together. You can configure your IPS to enable a policy on the firewall that has been pre-configured. The policy would remain dormant until the IPS would call upon it. This policy would simply be to stop traffic to the FTP port.
ZiPPy
The administrator has disabled public write access.
Time to create page: 0.080 seconds

CCENT/CCNA

Cisco Routers

  • SSL WebVPN
  • Securing Routers
  • Policy Based Routing
  • Router on-a-Stick

VPN Security

  • Understand DMVPN
  • GRE/IPSec Configuration
  • Site-to-Site IPSec VPN
  • IPSec Modes

Cisco Help

  • VPN Client Windows 8
  • VPN Client Windows 7
  • CCP Display Problem
  • Cisco Support App.

Windows 2012

  • New Features
  • Licensing
  • Hyper-V / VDI
  • Install Hyper-V

Linux

  • File Permissions
  • Webmin
  • Groups - Users
  • Samba Setup