sir1963

#303962 23-Mar-2023 20:42

I have had a number of people attempting to log into my home FTP server with log/pass trash:trash

Seems an odd one, I see Admin:Admin all of the time, but trash:trash just seems utterly weird

These attempts come from a variety of countries' IPs (yeah I know they are probably script kiddies or hacked machines acting as intermediaries)

Anyone have any ideas?
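
Added example, not part of the original post: one way to check from a server log whether a username such as `trash` is being tried from many distinct sources, the pattern described above. The sample lines are constructed in the style of vsftpd's log; the thread does not say which FTP server is in use, so the log format and the function names `summarise_failures` and `distributed_usernames` are assumptions.

```python
import re
from collections import defaultdict

# Constructed sample lines in the style of vsftpd's log (assumption: the
# thread does not say which FTP server or log format is in use).
SAMPLE_LOG = """\
Thu Mar 23 20:31:02 2023 [pid 4101] [trash] FAIL LOGIN: Client "203.0.113.14"
Thu Mar 23 20:33:47 2023 [pid 4105] [Admin] FAIL LOGIN: Client "198.51.100.7"
Thu Mar 23 20:35:10 2023 [pid 4109] [trash] FAIL LOGIN: Client "192.0.2.88"
Thu Mar 23 20:35:12 2023 [pid 4110] [Admin] FAIL LOGIN: Client "198.51.100.7"
Thu Mar 23 20:36:40 2023 [pid 4111] [family] OK LOGIN: Client "192.0.2.200"
Thu Mar 23 20:40:55 2023 [pid 4117] [trash] FAIL LOGIN: Client "198.51.100.23"
Thu Mar 23 20:41:03 2023 [pid 4118] [Admin] FAIL LOGIN: Client "198.51.100.7"
garbage line that does not match
"""

FAIL_RE = re.compile(
    r'\[pid \d+\] \[(?P<user>[^\]]*)\] FAIL LOGIN: Client "(?P<ip>[^"]+)"'
)


def summarise_failures(log_text):
    """Return {username: {"attempts": n, "sources": set_of_ips}} for failed logins."""
    stats = defaultdict(lambda: {"attempts": 0, "sources": set()})
    for line in log_text.splitlines():
        m = FAIL_RE.search(line)
        if not m:
            continue  # successful logins and unparseable lines are skipped
        entry = stats[m.group("user")]
        entry["attempts"] += 1
        entry["sources"].add(m.group("ip"))
    return dict(stats)


def distributed_usernames(stats, min_sources=3):
    """Usernames tried from at least min_sources distinct IPs: the signature of
    many hosts working from one shared credential list, as opposed to a single
    host hammering one account."""
    return sorted(u for u, s in stats.items() if len(s["sources"]) >= min_sources)


if __name__ == "__main__":
    stats = summarise_failures(SAMPLE_LOG)
    for user, s in sorted(stats.items()):
        print(f"{user}: {s['attempts']} attempts from {len(s['sources'])} IPs")
    print("tried from many sources:", distributed_usernames(stats))
```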


neb

  #3053865 23-Mar-2023 20:59

Just a random guess, some IoS... uh, T device out there ships with FTP enabled and an account 'trash' with the same password?



roobarb

  #3053949 24-Mar-2023 07:21

Um, you have an FTP server accessible from the internet?


xpd


  #3053961 24-Mar-2023 08:41

roobarb:

Um, you have an FTP server accessible from the internet?

What's wrong with that ? I have FTP, Shoutcast, games, and more.

It's like saying "You have a front door to your house ?"

Long as you know what you're doing and aware of the risks, then I do not see a problem.

XPD / Gavin

sir1963


  #3053965 24-Mar-2023 08:47

roobarb:

Um, you have an FTP server accessible from the internet?

Yes I do, It's been very useful. I also run a VPN server and other services.

lxsw20

  #3053976 24-Mar-2023 09:37

Why does your FTP have to be exposed to the internet if you run a VPN server?


michaelmurfy

  #3053985 24-Mar-2023 10:12

Exposing FTP was cool in the 90's but actually a huge security risk these days. FTP isn't encrypted, prone to brute forcing and the FTP servers themselves quite often run under elevated privileges that can lead to a full compromise (looking at you Filezilla).

I'd recommend setting up a Wireguard VPN and ditching the use of FTP entirely or if you're using Linux you could expose SSH with password auth disabled (so, only use an SSH key) ensuring fail2ban is installed and enabled and use SFTP. But, exposing FTP along with many other services without either proper network microsegmentation or if you're using a standard home router is actually quite a substantial security risk to your entire network and one vulnerability could get you in a whole lot of trouble with malware, being a part of a DDOS attack or much worse...

Being aware of the risks is one thing but I wouldn't recommend ever taking the risk on your own home network. If you must, rent a VPS from Linode or Vultr and play around there without risking full compromise of your home network.

Michael Murphy | https://murfy.nz
Opinions are my own and not the views of my employer.

neb


  #3054083 24-Mar-2023 13:00

roobarb:

Um, you have an FTP server accessible from the internet?

I have both accessible from the Internet. Or at least things that listen on ports 21 and 25 and let people try and log in, with the password attempts going into a dictionary file. The mailer is chuckmail, the world's fastest and most secure MTA.

sir1963


  #3054128 24-Mar-2023 13:53

lxsw20:

Why does your FTP have to be exposed to the internet if you run a VPN server?

for very extended family over NZ who wanted to see wedding photos, etc etc etc because of covid lockdowns could not be there.

Mehrts

  #3054133 24-Mar-2023 13:58

Tailscale is a super simple way to grant trusted people access to your machine.


lxsw20

  #3054156 24-Mar-2023 14:35

sir1963:

lxsw20:

Why does your FTP have to be exposed to the internet if you run a VPN server?

for very extended family over NZ who wanted to see wedding photos, etc etc etc because of covid lockdowns could not be there.

Google Photos / iCloud / OneDrive? Any of the many other cloud offerings which don't mean using 1970s technology?

To each their own I guess :D


xpd


  #3054171 24-Mar-2023 15:39

Limited on storage for some people - 5GB of video/photos isn't much these days.

 
 
 
 

michaelmurfy

  #3054188 24-Mar-2023 16:27

There are far better solutions to an FTP server. I don't even know why you'd pick FTP over the many options out there.

Self-hosted Nextcloud being one... If you combine it with Cloudflare Tunnel it'll work even without a port forward.

sir1963: for very extended family over NZ who wanted to see wedding photos, etc etc etc because of covid lockdowns could not be there.

I just used Nextcloud for this. Got people to drop files into it using a file drop link after the wedding then shared out a link to a folder of photos shortly after to everyone who asked. Worked incredibly well, no additional clients needed or anything.

 

 




