February 27th, 2008
Only 8,700 insecure ftp servers?
According to ComputerWorld coverage Finjan is publicizing a source in Hong Kong they have discovered that offers to sell access to hacked ftp servers. The idea is that a malware purveyor or phisher would want ftp access with admin credentials so they can quickly and easily upload there wares to the web sites served by the ftp service.
Larry Dignan thinks this may be the first “Hacking as a Service” example but he is way off. There have been sites in the past that allowed you to execute a “ping of death” against any site, or a ping storm or whatever, just type in the IP or URL and watch what happens. So nothing new there. The “new” is the financial model. Selling access piecemeal. Kind of Hacking 2.0.
The simple warning to administrators: Use ftp over secure shell (SSH) to update your servers. Yes, use the advanced authentication techniques.
Only 8,700 out of 65,000,000 active web servers? That is a good percentage.
Update: Stiennon’s blog has moved to here.
Richard Stiennon is an industry consultant. See his full profile and disclosure of his industry affiliations.
