.\" process this file with
.\" groff -man -Tascii ftpscan.1
.\"
.TH FTPSCAN 1 "JUNE 2004" Linux "User Manuals"
.SH NAME
ftpscan \- scan for ftp servers
.SH SYNOPSIS
.B ftpscan [-u
.I username
.B ]
.B [-a
.I password
.B ]
.B [-m
.I mode
.B ]
.B [-p
.I port
.B ]
.B [-o
.I outputfile
.B ]
.B [-h]
.B [-s]
.B [-v]
.B (-l
.I listfile
.B | -n
.I network
.B )
.SH DESCRIPTION
.B ftpscan
scans a network or a list of ip addresses for
ftp servers - all, anonymous those that may be
abused as filedumps. it does this by
trying to connect to the ips it is presented
on the specified port. it is written in perl.
.SH OPTIONS
.IP "-o outputfile"
write results to the specified file instead of
STDOUT
.IP "-l listfile"
scan the IPs in the specified file. the file needs
to contain one IP per line.
.IP "-n network"
scan the whole network
.I network
, which is a network address in CIDR notation,
i.e. 192.168.0.0/24
.IP "-p port"
probe the hosts on port
.I port
, 21 is assumed if this option is omitted
.IP "-m mode"
the scan mode you want, default is 1 and searches
for all ftp servers by trying to connect to them.
2 searches for servers that allow anonymous login.
you may search for servers that accept a certain
username / password combination by also using the
.I -u
and
.I -a
options.
3 tries to find file dumps, e.g. servers that allow
the user anonymous to upload files and download the
same files.
.IP "-u username"
try to login with username
.I username
instead of anonymous, only used if
.I mode
is >= 2.
.IP "-a password"
try to login with password
.I password
instead of anonymous, only used if
.I mode
is >= 2.
.IP -h
print the help screen and exit
.IP -v
verbose mode
.IP -s
simulate only, do not actually send any packets
.SH FILES
.SH ENVIRONMENT
.SH DIAGNOSTICS
.SH BUGS
.SH AUTHOR
sp1r1t <tim at sp1r1t dot de>
.SH "SEE ALSO"
.BR http://www.sp1r1t.de