Protection for secure ftp servers

Added: 10/01/2006
DNS services are used for a long time and many users all over the world treat these protocols as very efficient and well protected. However, some codes of these servers have high vulnerability. A bad security of FTP servers can become the reason for successful attacks. A modern system should have a full protection from such happenings. To prevent these troubles happening, system administrators should keep aware about the technology of the FTP servers' security violation.

It is known that 32 digits IP addresses are used all over the world for addressing Internet hosts and secure FTP servers. These addresses identify each computer in the global network. At the same time, the IP address usage is not very convenient and evident for the users and the solution to use a symbolic name for computers in the Internet was taken at the early stage of the web development. Using names is a more convenient way for navigation in the cyber space. The usage of mnemonic names requires transformation of names to IP addresses. This transformation is obligatory, since the secure FTP servers, addressing the network protocol level, need IP addresses.

At the very beginning the Internet contained a few computers and on this stage the Network Information Center was able to create a special hosts file that included names and responding IP addresses of all the hosts in the Internet. They updated this file regularly and widespread it over the Internet. In the process of the Internet development more hosts appeared and this scheme became unworkable. A new system for the names transformation replaced it. This system allows receiving the needed information about conformity of symbolic names and IP addresses from the nearest DNS (Domain Name System) server.

The Network protocol DNS was developed to implement this system. DNS servers are created in the Internet to provide an efficient work of this protocol.

Let us analyze the main task for the DNS service. When a host queries a remote server, it usually knows its name, but not the IP address that is required for the immediate addressing. Consequently, the host has a standard task of the remote search - it should find the IP address by name. The host generates recursive queries, i.e. a response to the request is required the information or message about its absence, the DNS server generates iterative queries that permit receiving a link to another server that has more information about the displacement of the searched information.

Here is the following DNS algorithm for the IP address remote search by name in the Internet:

- A host sends a DNS request to the IP address of the nearest DNS server (it is set up in the process of network operation system installation). This request contains a server name that should be found.

- The DNS server receives this message and scans its database for the needed name. If the name is found, the DNS server sends a DNS answer with the required IP address to the host. If the DNS server did not detect such name in its database, then it re-sends the DNS request to some of the DNS servers that are responsible for higher level domains. Addresses of these servers are in the configuration file root.cache. The server repeats this procedure until it will finds the requested name.

As you can see, this method has high vulnerability and it is a bad solution for secure FTP servers. The interception of a DNS request is possible; it could be a base for a typical remote attack. Windows FTP servers are very often addicted to this violation. Thus, secure FTP servers require a protection with special utilities from this potential menace. A system administrator must be aware about these risks of the modern networks, keeping business information.

This artilce has been viewed: 0 times this month, and 10 times in total since published.
 

Random articles

Popular articles