Warezmaster and Warezclient: An implementation of FTP based R2L attacks

Debdeep Dey, Archisman DInda, Poornima Panduranga Kundapur, R. Smitha

Research output: Chapter in Book/Report/Conference proceedingConference contribution

1 Citation (Scopus)

Abstract

Although the File Transfer Protocol (FTP) was not designed with strict security measures in place, which is quite evident from the fact that all the commands and data are transmitted in clear text, subsequent additions to the protocol have implemented security features like upgrading the connection to Transport Layer Security (TLS) in FTPS. In spite of such developments, FTP remains an inherently insecure protocol, that refuses to die. The FTP, despite its quirks, has proven to be extremely resilient. As of 2015, more than 13 million FTP servers exist in the Internet Protocol Version 4 (IPv4) address space. With the advent of the Internet of Things (IoT) and the proliferation of internet enabled hand held devices, the security of computer networks has become a very important issue. There are two broad divisions of security threats, Remote exploits and local attacks. Remote to local attacks are a serious threat to computer networks. In this paper, we implement two specific remote to local attacks, the Warezmaster (WM) and the Warezclient attack (WC), which exploit the vulnerabilities present in 'anonymous' FTP on both Linux and Windows. We then go on to discuss the ramifications of such an attack, it's limitations as well as the methods to prevent such attacks.

Original languageEnglish
Title of host publication8th International Conference on Computing, Communications and Networking Technologies, ICCCNT 2017
PublisherInstitute of Electrical and Electronics Engineers Inc.
ISBN (Electronic)9781509030385
DOIs
Publication statusPublished - 13-12-2017
Externally publishedYes
Event8th International Conference on Computing, Communications and Networking Technologies, ICCCNT 2017 - Delhi, India
Duration: 03-07-201705-07-2017

Conference

Conference8th International Conference on Computing, Communications and Networking Technologies, ICCCNT 2017
CountryIndia
CityDelhi
Period03-07-1705-07-17

All Science Journal Classification (ASJC) codes

  • Computer Networks and Communications
  • Computer Science Applications
  • Computer Vision and Pattern Recognition
  • Signal Processing
  • Modelling and Simulation
  • Artificial Intelligence

Fingerprint Dive into the research topics of 'Warezmaster and Warezclient: An implementation of FTP based R2L attacks'. Together they form a unique fingerprint.

  • Cite this

    Dey, D., DInda, A., Kundapur, P. P., & Smitha, R. (2017). Warezmaster and Warezclient: An implementation of FTP based R2L attacks. In 8th International Conference on Computing, Communications and Networking Technologies, ICCCNT 2017 [8203964] Institute of Electrical and Electronics Engineers Inc.. https://doi.org/10.1109/ICCCNT.2017.8203964