An analyst wants to identify hosts that are connecting to the external FTP servers and what, if any, passwords are being used.
Which of the following commands should the analyst use?
Click on the arrows to vote for the correct answer
A. B. C. D.A.
The command that the analyst should use to identify hosts that are connecting to the external FTP servers and what passwords are being used is "tcpdump "X dst port 21".
Explanation:
A. The tcpdump command is used to capture network traffic on a network interface. In this case, the "-X" option is used to print the payload of each packet in ASCII. The "dst port 21" option is used to filter the traffic for FTP traffic with destination port 21.
B. The ftp command is used to connect to an FTP server. The "p 21" option is used to specify the port number to connect to, which is port 21 for FTP. However, this command will not provide information on other hosts connecting to the FTP server or the passwords being used.
C. The nmap command is used to perform network scans. The "-o" option is used to specify the output format, and the "ftp.server" option is used to specify the target server. However, this command will not provide information on other hosts connecting to the FTP server or the passwords being used.
D. The telnet command is used to connect to a remote host. The "ftp.server" option is used to specify the target server, and the "21" option is used to specify the port number to connect to, which is port 21 for FTP. However, this command will not provide information on other hosts connecting to the FTP server or the passwords being used.
Therefore, the correct answer is A. tcpdump "X dst port 21". This command will capture the FTP traffic on port 21 and print the payload of each packet in ASCII, which may include the passwords being used by other hosts to connect to the FTP server.