Opened 3 years ago

#11035 new Bug report

port bounce attack

Reported by: edwardchien Owned by:
Priority: normal Component: FileZilla Server
Keywords: port bounce attack Cc: edwardchien@…
Component version: 0.9.59 Operating system type: Windows
Operating system version: Win 7 Pro SP 1

Description

Using Filezilla server version 0.9.59 on Windows 7 on Internet, in "Security Settings", selected first option "Require matching peer IP address of control and data connection).

By testing with "nmap -Pn -vv -p 1-15000 -b xx.xx.xx.xx 192.168.10.100", the server reported "200 PORT command successful" and nmap show many "Discovered open port nnn/tcp on 192.168.10.100".

Result was the same after configuring "Passive mode" with a static IP, and enabling "FTP over TLS".

Machine is not behind a firewall. Windows firewall disabled.

If the machine is connected on internal network, the test was negative... no open port was reported.

Are there any options I should set in order to have nmap not to report port bounce attack?

Change History (0)

Note: See TracTickets for help on using tickets.