FTP_SYST Command


Code: p37

Severity: Infomation


Description: This decode detects a SYST command being issued to a FTP server. This command causes the FTP server to return a response indicating the host operating system of the server.

Impact: Knowing the host operating system allows an attacker to customize their attack to exploit other vulnerabilities likely to be present.

Corrective: Pay close attention to other activity on the target system following the SYST request. If it is a non-anonymous FTP server, make sure your FTP server requires users to log in prior to honoring a SYST request. If anonymous access is allowed, you may be able to disable the SYST command. Consult the documentation of your FTP server.