But it has a few things to know:
The correct sequence is this:
FTPClient.connect("YourServer");
FTPClient.execPBSZ(0);
FTPClient.execPROT("P");
FTPClient.login("YourUserName","YourPassword");
If you skip the execPBSZ or execPROT calls, then your ftps server will probably deny access to you.
If you receive strange errors like:
java.io.IOException: DerValue.getOctetString, not an Octet String 10
or
Caused by: java.security.cert.CertificateParsingException: java.io.IOException:
DerValue.getOctetString, not an Octet String: 10
at sun.security.x509.X509CertInfo.(Unknown Source)
at sun.security.x509.X509CertImpl.parse(Unknown Source)
at sun.security.x509.X509CertImpl.(Unknown Source)
at sun.security.provider.X509Factory.engineGenerateCertificate(Unknown S
ource)
at java.security.cert.CertificateFactory.generateCertificate(Unknown Sou
rce)
... 16 more
Caused by: java.io.IOException: DerValue.getOctetString, not an Octet String: 10
at sun.security.util.DerValue.getOctetString(Unknown Source)
at sun.security.x509.Extension.(Unknown Source)
at sun.security.x509.CertificateExtensions.init(Unknown Source)
at sun.security.x509.CertificateExtensions.(Unknown Source)
at sun.security.x509.X509CertInfo.parse(Unknown Source)
Then you (or your pfts server) are probably behind a checkpoint firewall.
There is nothing you can do, just talk with the firewall admin and tell him to fix the "FTP Bounce" attack.
He will see this in the logs:
Attack Information: The packet was modified due to a potential Bounce Attack (Telnet Options)
Here is the option to disable this on a checkpoint firewall:
No comments:
Post a Comment