can somebody explain the reasons behind a FTP brute force attack ?

[rscalover]

Hello,

This morning i noticed allot of cphulk emails about brute force attempts on my FTP server no biggie cpHulk did it's job and blocked them all but i'm trying to understand the reasons behind such attacks.I mean suppose the attacker (which where different ip's in a /24 by the way) get's lucky and get's inside what is there to gain it's only an FTP account do they want to host porn or something ?? not trying to minimize the riscs i just fail to understand why anybody would waste there time trying to "guess" a password i wish i understand that better.

 

[cPRex]

Hey hey! That's a great question. Placing files on a webserver to spread a virus or other malicious files for free for a short period? Uploading a script that scans for files that are accessible, possibly leading to a privilege escalation? Defacing a popular site? Those are my best guesses. I'm not sure there is really an "answer" to this one besides guesses.

 

[rscalover]

Hello,

Yes to spread a virus and or malware since they try to break into somebody else server they can do it without being punisched .The script that searches for accesible files sounds logic to as it could lead to "bigger access" then FTP but i agree we have to guess the reasons there is no real answer to this question.