FTP

The FTP plugin supports the main RFC [RFC959] as well as many extensions.

Enabling this plugin allows the prevention of large families of FTP-based application attacks. This plugin performs various analyses such as the RFC compliance analysis, checks on FTP command parameter size or restrictions on the protocol (SITE EXEC for example). These analyses therefore allow stopping attacks such as FTP Bounce, FTP PASV DoS, Buffer overflow, etc.  This plugin is indispensable when allowing FTP traffic to pass through the firewall and to dynamically manage FTP data connections.