Anonymous FTP contents.gifindex.gif

Anonymous FTP

This shows that anonymous FTP is enabled. If FTP services are present, allowing only anonymous access prevents valid user-password pairs from being passed across the network.

Proper configuration of the FTP server is critical. If an anonymous login is permitted, the scanner attempts to copy /etc/passwd. If the FTP server is properly chrooted, /etc/passwd is not available.

Risk: Low

OS Vulnerable: Any

Fix: Disable the FTP service if desired.