Sign in to follow this  
Followers 0
rakshit

Where/How can i find open TFTP servers

13 posts in this topic

umm all tftp servers are open since they don't have any security

I think he meant that he is looking for a way to discover them on the Internet. It uses UDP port 69, so maybe try scanning for that?

0

Share this post


Link to post
Share on other sites

TFTP is not something generally used over or offered as a public service on the Internet. It's used primarily for network booting some machines and doing firmware updates. You can scan, but it's possible you don't find anything at all.

0

Share this post


Link to post
Share on other sites

Why TFTP? What is it exactly that you're trying to accomplish?

Btw, I've seen several models of home routers with TFTP running as a service. Of course they use ROM for storage so you can't upload anything, but you can usually download stuff. Like I said before, I have no idea what the hell you're trying to do, so I'm not sure if it's what you're looking for.

0

Share this post


Link to post
Share on other sites
Why TFTP? What is it exactly that you're trying to accomplish?

Btw, I've seen several models of home routers with TFTP running as a service. Of course they use ROM for storage so you can't upload anything, but you can usually download stuff. Like I said before, I have no idea what the hell you're trying to do, so I'm not sure if it's what you're looking for.

Most (if not all) use flash. ROM is no longer as cost-effective as it once was and flash is a lot more flexible. TFTP may be used to upload new firmware versions, I've seen a few devices that do it this way. Also, if any home broadband routers have this feature, it's probably not open on the external interface. It may not even be open on the wireless interface, only on the wired ethernet interface. So it's unlikely you'll find any open ports from the Internet side.

0

Share this post


Link to post
Share on other sites

Please school me.

TFTP and firmware do not sound like they should go together. Since TFTP does not use error checking (from what I remember in high school intro to networking) and firmware + corruption = a big no no... there must be some other form of checking that the firmware update file was received intact. Are you saying that tftp is used to put it on the device then some sort of check (md5 ?) is ran on the device itself and after its sees the file is good it will then finally install it?

Thanks

0

Share this post


Link to post
Share on other sites

It all depends on the device. The firmware image could have an integrated checksum or require you to upload one with it. However, UDP does have checksums and these updates are usually done on a controlled network or when the device is disconnected from other networks. I don't think there's much danger of an accidental corrupted firmware image because of network problems.

TFTP is designed to use UDP only as well. This means it uses very little RAM and only a minimal implementation of UDP/IP is required (no TCP). So, a device could also have a failsafe firmware that simply boots and waits for a new firmware to be uploaded via TFTP.

0

Share this post


Link to post
Share on other sites

I seem to recall updating the IOS firmware on some Cisco routers/switches, where the TFTP wasn't enabled until you had initiated the update process via the command line. In other words, it wasn't just sitting around waiting for an upload... it got to the point in the process where it said, "TFTP server enabled; upload new firmware now" or the like.

I think most home use stuff (and a lot of commercial stuff too, I guess) tries to be more user friendly with a web-based GUI. In this case, it's much easier to have an upload page with a "Browse" button than to expect Aunt Tillie to know how to use TFTP (or even FTP for that matter).

0

Share this post


Link to post
Share on other sites

Ya, most home devices use the browser GUI. The few that do use TFTP, like the WRT54g only run TFTP as the device is booting (this feature actually saved mine from a future as a brick). Also, most admins will block TFTP at the border (if not just disable it). Looking for a default named config file is an old and worn trick. Not sayin your planning on this just that it has caused things to get locked down.

As for finding open systems running TFTP unicornscan is the most reliable UDP scanner I've come across.

Edited by tekio
0

Share this post


Link to post
Share on other sites

It should be easy to just brows TFTP servers there is nothing stopping you. If there is it probably isn't a TFTP server. :ninja:

0

Share this post


Link to post
Share on other sites
It should be easy to just brows TFTP servers there is nothing stopping you. If there is it probably isn't a TFTP server. :ninja:

Your comment adds nothing to this topic.

There is no method of browsing files on a TFTP server, you must know the file name beforehand.. I'm sure he's aware there is nothing preventing him from scanning a range for available TFTP hosts.

My post in 2 words: You suck.

0

Share this post


Link to post
Share on other sites

Just for the record, TFTP is heavily used in the VoIP world to provide firmware and configure phones. Yes the security (on the server) sucks, but the boot code on the phones can cryptographically check the download for validity.

Why TFTP? Because it is extremely light weight, and when the power comes back on every phone on your network is going to hit it hard....

Munge.

0

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now
Sign in to follow this  
Followers 0