This essay has been submitted by a student. This is not an example of the work written by our professional essay writers.
Summary of Protocol diagram:
- Protocol diagram gives brief explanation about FTP SERVER, FIREWALL and FTP CLIENT.
- FTP SERVER consists of four ports they are Port53, port50 Port22 and Port21.
- Firewall is provided to stop any type of attacks from the clients to the securable Ports (server).
- FTP CLIENT consists of three clients they are 1100, 1200, 1475 and 5003.
- FTP client 1100 sends synchronisation to the port 21 to establish the connection of TCP.
- FTP Server sends an acknowledgment to FTP client1100 when it receives the synchronisation.
- Then the FTP client1100 completes the TCP three way hand shake with an acknowledgement.
- FTP server indicates that the server is ready to accept a login by sending a code 220.
- Then the FTP client acknowledges the FTP220 TCP packet.
- FTP client sends the login user i.d to v FTP server.
- FTP server acknowledges the FTP client that the user i.d is received.
- Then the server sends FTP 331 to the client to enter the password.
- Then the client sends an email address as a password to the FTP server.
- FTP server acknowledges the client when it receives an email address.
- Then the FTP server displays welcome message by FTP 230 after logged in.
- And then it displays the login information to the FTP client.
- FTP client acknowledges the server when it receives the login information.
- Then FTP client 1200 sends passive connection to the FTP server port 21.
- FTP server acknowledges the clients that its ready.
- FTP client 1200 starts attack on FTP server port 22.
- But the Firewall stops the attack from the client due to high security of FTP server port22.
The socket connection is failed when we set a passive connection from FTP client to FTP server for port22 because of firewall stops the attack from client to highly securable port22. Hence the connection is not established.
Critical Appraisal of Python:
Python is a high level programming language. It emphasizes code readability. It combines remarkable power with clear syntax and its standard library is very large and comprehensive. Python supports multi programming paradigms like object oriented, functional. It is similar to other languages like Perl, Ruby, and T.C.L. Like other languages Python is used as a scripting Language for Web applications e.g. via mod_python for the Apache Web Server. Python has a wide use Information security Industry. It has been used in several video games.
For many operating systems, Python is a standard component, it ships with most Linux distributions, with Net BSD, and open BSD, and with Mac OSX. Gentoo Linux uses Python in its package management system. The users of Python are YouTube and the original Bit Torrent client. Large organizations that make use of python include Google, Yahoo, CERN, NASA and ITA Most of the sugar software for the one laptop per child XO, now developed at Sugar labs is written in Python.
Python uses Duck typing and has typed objects but un-typed variable names .type constraints are not checked at compile time rather, operations on an object can fail, signifying that the given object is not a suitable type. Python allows programmers to define their own types using classes, which are most often used for object-oriented programming. Python had two types of classes;"old style" and "new style". Old style classes were eliminated in Python 3.0, making all classes new style. In versions between 2.2 and 3.0, both kinds of classes can be used. The syntax of both styles is the same. The difference being whether the class object is inherited from, directly or indirectly (all new style classes inherit from object and are instances of type).
The mainstream Python implementation, knows as CPython, is written in C meeting the C89 standard. CPython compiles the python program into intermediate byte code, which is then executed by virtual machine. stack less Python is a significant fork of CPython that implements micro threads; it does not use the C memory stack .CPython uses a GIL to allow only one thread to execute at a time while the stack less. Python threads are independent of OS and can run concurrently. Stack less python is better suited to scalable tasks and for the use on microcontrollers or other limited resource platforms due to thread's light weight. It can be expected to run on approximately the same platforms that CPython runs on. Jython compiles the Python program into Java byte code.
INFLUENCES ON OTHER LANGUAGES:
Boo uses indentation, a similar syntax, and a similar object model. However, Boo uses static typing and is closely integrated with the .NET framework.
Groovy was motivated by the desire to bring the Python design philosophy to Java
OCaml has an optional syntax called T.W.T (The Whitespace Thing), inspired by python and Haskell.
Python's development practices have also been emulated by other languages. The practice of requiring a document describing the rationale for, and issues surrounding, a change to the language (in Python's case, a PEP) is also used in T.C.L and Erlang because of python's influence
ADVANTAGES OF PYTHON:
- Fast to code.
- Fast to learn.
- Simple to get support.
Vulnerable FTP Clients:
The following browsers have been found to respond to malicious PASV responses:
- Firefox 220.127.116.11
- Firefox 18.104.22.168
- Opera 9.10
- Konqueror 3.5.5
Several command line FTP clients have also been found to be vulnerable.
The FILE TRANSFER PROTOCOL (FTP) is used to exchange and manipulate files over the TCP/IP based network. FTP is built on the client-server architecture. FTP can be used with user-based password authentication or with anonymous user access. The "proxy FTP" mechanism can be used to decrease the amount of traffic on the network; the client instructs one server to transfer a file to another server, rather than transferring the file from the first server to the client and then from the client to the second server. This is particularly useful when the client connects to the network using a slow link. FTP has many security problems such as Bounce attack, Passive Attacks, Spoofy Attacks.
Bounce attack is used to attack well known network servers. The attack involves sending an FTP client command to an FTP server containing the network address and the port number of the machine and service being attacked. This bounce attack are being protected by reserving the TCP port numbers in the range 0 - 1023 for well known services such as mail, network news and FTP control connections.
It is possible for malicious FTP servers to cause some popular FTP clients to connect to TCP ports on other hosts. This allows us to extend existing Java Script-based port scan techniques in the follow ways:
- Scan ports which modern browsers would not normally connect to [port ban].
- Fingerprint services which do not send a banner by timing how long the Server takes to terminate the connection.
- Perform simple.
By crafting replies to the FTP PASV (passive) command, FTP servers are able to cause clients to connect to other hosts this is called FTP PASSIVE attack. If a malicious FTP server wants the client to connect to a different IP address, it simply needs to specify a different IP address in its reply to the PASV command, e.g. to make it connect to port 22 on 22.214.171.124, it would send 192,166,1,96,0,22. If we use Firefox browser, Firefox will connect to whatever is sent in the PASV response, even if the target port is on its banned list. E.g. Firefox wouldn't normally connect to port 25 because it's typically used for email (SMTP), not browser supported protocols such as HTTP, HTTPS and FTP. If you try and connect to http://localhost:25 in Firefox 2 you'll get response similar to:
The ability to direct the client to a different IP address does not seem to be contrary to the RFC for FTP [rfc959], but doesn't seem to be useful in most real world situations.
We've seen above that it's only possible to direct a client to another host when it uses the PASV command - i.e. when it uses passive mode FTP. Passive mode is used by all web browsers when accessing URLs like ftp://ftp.example.com. It must also be used by all clients behind Firewalls or NAT devices unless those devices are able to understand the FTP protocol.
Immune FTP Clients:
The following web browsers seem to ignore the IP address returned in PASV responses. They simply connect to the IP address to which the original control Connection (21/TCP) was made:
- Microsoft Internet Explorer 7.0.5730.11
- Microsoft Internet Explorer 6.0.3790.0
Mitigating the Attack: