Bamboozle Attack

Secure File Transfer Protocol, SFTP, is a common method to move files across networks without letting other people snoop on them.  A 3rd party wanted to use SFTP to drop inventory files on a computer and I put in a request with the in-house technical team to do this.  My ticket to our desktop support person was “please open port 22 to SFTP traffic.  I need move files securely and port 80 will not do.”

Later, I was called by a very confused networking person who after some talking sent me the original request made of him from desktop support.  My original request  had been recorded as “Please open 22 additional ports so SFTP traffic can move files securely.  80 ports will not do.”