FTP Bounce

When connecting to an FTP server, the client sends a PORT command specifying the IP address and port to which the FTP server should connect and send data. An FTP Bounce attack is when an attacker sends a PORT command specifying the IP address of a third party instead of the attacker's own IP address. The FTP server then sends data to the victim machine.

You can configure how FTP bounce attacks should be handled.

FTP Bounce Fields

In this field…	Do this…
Action	Specify what action to take when an FTP Bounce attack occurs, by selecting one of the following: Block. Block the attack. This is the default. None. No action.
Track	Specify whether to log FTP Bounce attacks, by selecting one of the following: Log. Log the attack. This is the default. None. Do not log the attack.

In this field…

Do this…

Action

Specify what action to take when an FTP Bounce attack occurs, by selecting one of the following:

Block. Block the attack. This is the default.
None. No action.

Track

Specify whether to log FTP Bounce attacks, by selecting one of the following:

Log. Log the attack. This is the default.
None. Do not log the attack.