
"Always use strong passwords." - You probably don't pay too much attention to this advice, do you? A lot of people don't either. That's why brute force is still one of the favorite techniques for breaking into any password-protected system, including FTP servers behind firewalls. It's really not very difficult to carry out. Let's discuss brute force attacks and how to protect your FTP passwords from them.

The basic principle behind a brute force attack is very simple. Have you tried testing a kid who's just started learning math? If he thinks the answer is somewhere say between 2 and 7 but doesn't know exactly what it is, he may resort to guessing: "Is the answer 4?", "5?", "6?", "3?". It's not the right way to do math, but sometimes he'd be able to get the answer anyway.

A brute force attack is like that. It's a way of cracking passwords by guessing. But these "guesses", delivered one after another, are done very rapidly. They are spewed forth by hacking tools that reference a really long list of possible passwords, often called a wordlist.

By the way, these tools are mostly free. And while they're not exactly what you might normally call kid stuff, kids are already using them to hack into government offices. If a bored kid would like to hack into your FTP server, he can do so with relative ease. But if I were one, brute forcing is how I would hack into your FTP server.

The first thing I would do is use a security scanner like nmap to discover what hostnames you might have on your network and what open ports/services those hosts might in turn have. Default ports are usually a good place to start guessing. Let's assume I know that your network is identified as 10.0.0.0. After scanning, I discovered that a host or server in your network identified as 10.0.0.4 has an open FTP port (21). If nmap tells me a port is open, that means it's hackable.

The next thing I would do would be to obtain as much information as I can about the people who use your FTP service. Obviously, before I can start guessing passwords, I would need to get a hold of some usernames. If I can obtain the real names of your users, that can turn out to be valuable information that helps me figure out FTP logins and other authentication information.
