Hi,

I'm looking for a command-line tool that checks for anonymous ftps. A tool that checks the upload folder and where we can change the usernames and passwords to check. Like Grim's ping.
Thanks for your cooperation.

u can check up this site

http://home.hccnet.nl/m3ssi4h.rul3z/

there is a lot of scanner for FTP.. and others servers

Thanks for the link Doom Master!

Thx "The Doom Master",

I allready knew this site but i had forgotten about. Found a remote ftp scanner with all the options i needed except for the login (only 1 login possible).

Wow, now theres a blast from the past

Never found the 'perfect' ftp scanner, there allways seem to be something that stopped them from getting there, nice collection of tools tho.

Cheers Doom Master

I think Grims ping is the only one yo0u will find with that amount of options however you may want to look into Hscanner by Chonker it has an ftp module but only for brute force the passwords

Hey!

One question to ask: how to kick some scanning asses out of server?? I view my logs once a week (I don't run big server - just for my personal use and to have acess to my computer when I'm gone) and see that a lot peoples scan my serv ftp. I see much acess errors and not recognized users This is normaly a scaning but I want to protect my serv from it (don't like viewing many lines with errors). I was concerning ban for every IP that I see but they are changing (telephone ISP or other "hackers - script kiddies").

So I ask: how to protect FTP from scanning by those nasty scanners ??

Oh and one more: don't be angry If script kiddie term just hit you. This is only for peoples that uses only scanners and call them selves best hackers ever - yuck!

P.S.
Firewalling off the FTP port isn't good coz I want to have acess to it (anonymous and private)

mistyk, just run your ftpd on another port (not 21) and the scanning should stop or at least decrease.

I was thinking about changing the port - it is possible that I will do so soon. But I'm wondering is there any other way to stop this?? For ex. auto banning for making X login attempts that were bad or trying to over come their privilages. I allso wondered if there is any website that has black list of IP's that were cought on hacking/scanning/launching attack scripts. This could be an idea - I could then just download the list and add it to ban

A global deny list.... Do you have any idea how many IP's that list would hold? Most are dynamic too. I don't think it's possible.

You could deny all and only allow certain domains/ip-ranges. Your firewall should have a possibility to do this.

Hmm this is a posibility I will try to set my firewall for blocking all IP's except of ISP that I want to allow (this ISP has dynamic IP so I can't just allow one IP, I must allow hole range but as for now it is quite safe - no scanning attempts from this ISP)