Symptoms
ProFTPD, sometimes an outdated version, appears to be running on the FTP ports even though Pure-FTPd is the FTP service enabled and running on the system. Scanning tools like Nmap report ProFTPD on the traditional FTP ports although ProFTPD is not installed or running on the server, and connecting to the FTP server shows a banner like this:
220 BitNinja FTP CAPTCHA server
Description
According to BitNinja's documentation, BitNinja is a general-purpose security-as-a-service server defense tool powered by a social defense system and many active defense modules.
Read more about BitNinja here:
https://doc.bitninja.io/introduction.html
One of the many modules included with BitNinja is the FTP Captcha Server Module. BitNinja's FTP CAPTCHA server runs as a go-between for the cPanel server's FTP service and the outside world. This can lead security scanners to report FTP vulnerabilities on your server even when your own FTP server is up to date, because the scanner is actually scanning BitNinja's FTP server.
Read more about the FTP Captcha module here:
https://doc.bitninja.io/modules/captchaftp.html
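To confirm which service a scanner finding is really about, the greeting on the FTP port can be read and compared with the banner shown under Symptoms. The following is an added example, not part of the original article or of BitNinja's tooling; the function names are hypothetical, and the Pure-FTPd and ProFTPD substrings are assumed defaults that a server administrator can change.

```python
import socket
import sys

# Matched case-insensitively against the greeting text. The first string is the
# banner quoted in this article; the other two are product names (assumed to
# appear in those daemons' greetings, which is configurable on a real server).
SIGNATURES = [
    ("bitninja-captcha", "bitninja ftp captcha"),
    ("pure-ftpd", "pure-ftpd"),
    ("proftpd", "proftpd"),
]

def parse_greeting(raw):
    """Return (code, text) of an FTP reply, joining multi-line replies (RFC 959)."""
    lines = raw.decode("latin-1").splitlines()
    if not lines or len(lines[0]) < 3 or not lines[0][:3].isdigit():
        raise ValueError("not an FTP reply")
    code, text = lines[0][:3], []
    for line in lines:
        if line.startswith(code) and line[3:4] in ("-", " "):
            text.append(line[4:])
            if line[3] == " ":      # "220 " marks the last line of the reply
                break
        else:
            text.append(line)       # continuation line without the code prefix
    return int(code), "\n".join(text).strip()

def classify(text):
    """Name the service that produced the greeting, or 'unknown'."""
    lowered = text.lower()
    for label, needle in SIGNATURES:
        if needle in lowered:
            return label
    return "unknown"

def read_greeting(host, port=21, timeout=5.0):
    """Read the server greeting from your own FTP port until the reply is complete."""
    buf = b""
    with socket.create_connection((host, port), timeout=timeout) as conn:
        while not (buf.endswith(b"\n") and buf.splitlines()[-1][3:4] == b" "):
            chunk = conn.recv(4096)
            if not chunk:
                break
            buf += chunk
    return buf

if __name__ == "__main__":
    code, text = parse_greeting(read_greeting(sys.argv[1]))
    print(code, classify(text), repr(text))
```

A result of `bitninja-captcha` means the scan reached BitNinja's front end rather than the server's own Pure-FTPd service.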
Workaround
Make sure your BitNinja installation is up to date so that you have the latest version of each BitNinja module. This will ensure that the ProFTPD server used by the FTP Captcha module is also up to date.
For updating on CentOS and CloudLinux:
yum update bitninja
Read more about updating BitNinja here:
https://doc.bitninja.io/installation/updating.html