Anonymous_FTP

📂 Anonymous FTP Access

📌 Description

File Transfer Protocol (FTP) allows users to transfer files between client and server. Anonymous FTP allows anyone to log in with the username anonymous and either a blank password or a dummy email address.

🔍 How to Test

1. Connect to the FTP server: ftp <IP>
2. Username: anonymous
3. Password: (Press Enter)

🛠️ Mitigations

1. Disable Anonymous Login: Ensure anonymous_enable=NO in vsftpd.conf.
2. Limit Access: Restrict FTP access to specific users and directories.
3. Use SFTP: Prefer SSH File Transfer Protocol for encryption.

🏷️ Related Machines

• 🦌 Fawn
• 🐊 Crocodile