Open/Accessible TFTP Report

This report identifies hosts that have the TFTP service running and accessible on the Internet.

Our probe tests to see if the TFTP service is accessible and will either return the file that we are asking for or return an error code. Note, we are not testing to see if file upload is enabled.

Also note that unlike other UDP services that we test for, the response from TFTP is often received on a port that is different than what was queried! Probes sent to a host on port 69/UDP may generate responses that source from ephemeral high ports.

Fields

  • timestamp
    Time that the IP was probed in UTC+0
  • ip
    The IP address of the device in question
  • protocol
    Protocol that the TFTP response came on (always UDP)
  • port
    Port that the TFTP response came from (usually 69/UDP, but the response may come on any port >1024/UDP)
  • hostname
    Reverse DNS name of the device in question
  • tag
    Will always be TFTP
  • asn
    ASN of where the device in question resides
  • geo
    Country where the device in question resides
  • region
    State / Province / Administrative region where the device in question resides
  • city
    City in which the device in question resides
  • naics
    North American Industry Classification System Code
  • sic
    Standard Industrial Classification System Code
  • opcode
    This will be either a "3" or a "5" — a "3" means that the file requested exists (in this case "a.pdf") and a "5" means that the TFTP server returned an error code
  • errorcode
    This is the error code that is returned along with the opcode per RFC1350/RFC2347
  • error
    Human readable version of the error code — in the case of an opcode 3 response, this is "No Error"
  • errormessage
    The actual error message that the TFTP server returned in addition to the errorcode — in the case of an opcode 3 response, this is "File Exists"
  • size
    Payload response size in bytes — it is really only relevant in opcode 3 responses; if the file is actually there, the response will be >4 bytes

Sample

"timestamp","ip","protocol","port","hostname","tag","asn","geo","region","city","naics","sic","opcode","errorcode","error","errormessage","size"
"2016-03-28 00:28:55","175.118.99.30","udp",52190,,"tftp",9318,"KR","INCHEON GWANGYEOGSI","INCHEON",0,0,5,0,"Not defined","No such file or directory",30
"2016-03-28 00:28:55","104.236.188.147","udp",35031,,"tftp",14061,"US","CALIFORNIA","SAN FRANCISCO",541512,737999,5,1,"File not found","File not found",19
"2016-03-28 00:28:55","184.100.226.164","udp",57553,"184-100-226-164.ptld.qwest.net","tftp",209,"US","OREGON","PORTLAND",518210,737415,5,0,"Not defined","Get not supported",22
"2016-03-28 00:28:55","47.19.194.35","udp",36190,,"tftp",6128,"US","NEW JERSEY","EDISON",334290,366998,5,1,"File not found","File not found",19
"2016-03-28 00:28:55","76.95.192.171","udp",69,"cpe-76-95-192-171.socal.res.rr.com","tftp",20001,"US","CALIFORNIA","VAN NUYS",518210,737415,5,2,"Access violation","No such file or directory",30
"2016-03-28 00:28:55","96.61.200.86","udp",0,"h96-61-200-86.wyngmi.dedicated.static.tds.net","tftp",4181,"US","MICHIGAN","LANSING",518210,737415,5,0,"Not defined","TFTP error - Unknown File Type!",36
"2016-03-28 00:28:55","96.48.97.42","udp",69,"s01065cd998683b6b.vs.shawcable.net","tftp",6327,"CA","BRITISH COLUMBIA","SURREY",518210,737415,5,2,"Access violation","B?No such file or director",30
"2016-03-28 00:28:55","63.250.112.200","udp",55829,"200.112.250.63.static.addr.dsl4u.ca","tftp",21570,"CA","ONTARIO","MISSISSAUGA",0,0,5,0,"Not defined","Get not supported",22
"2016-03-28 00:28:55","68.118.20.12","udp",69,"68-118-20-12.dhcp.rvsd.ca.charter.com","tftp",20115,"US","CALIFORNIA","RUNNING SPRINGS",518210,737415,5,2,"Access violation","No such file or directory",30
"2016-03-28 00:28:55","173.238.27.203","udp",69,"d173-238-27-203.home4.cgocable.net","tftp",7992,"CA","ONTARIO","WELLAND",518210,737415,5,2,"Access violation","No such file or directory",30
"2016-03-28 00:28:55","66.131.185.247","udp",69,"modemcable247.185-131-66.mc.videotron.ca","tftp",5769,"CA","QUEBEC","MARIEVILLE",518210,737415,5,2,"Access violation","No such file or directory",30
"2016-03-28 00:28:55","132.160.40.152","udp",61551,,"tftp",6360,"US","HAWAII","HONOLULU",611310,822101,5,1,"File not found","File not found.",20
"2016-03-28 00:28:55","63.227.176.106","udp",46454,"63-227-176-106.clsp.qwest.net","tftp",209,"US","COLORADO","COLORADO SPRINGS",518210,737415,5,0,"Not defined","Get not supported",22
"2016-03-28 00:28:55","221.187.166.5","udp",69,"p2005-ipbf14sizuokaden.shizuoka.ocn.ne.jp","tftp",4713,"JP","TOKYO","TOKYO",518210,737415,5,1,"File not found","File not found",19
"2016-03-28 00:28:55","123.100.77.114","udp",12746,"123-100-77-114.static.diginet.co.nz","tftp",9889,"NZ","AUCKLAND","AUCKLAND",0,0,5,1,"File not found","The file name is not supported.",36
"2016-03-28 00:28:55","107.145.12.199","udp",69,"107-145-12-199.res.bhn.net","tftp",33363,"US","FLORIDA","ORANGE CITY",0,0,5,2,"Access violation","No such file or directory",30
"2016-03-28 00:28:55","104.37.23.93","udp",69,"104-37-23-93.eastlink.ca","tftp",11260,"CA","NOVA SCOTIA","PORT HAWKESBURY",518210,737415,5,2,"Access violation","No such file or directory",30
"2016-03-28 00:28:55","86.44.70.4","udp",35281,"86-44-70-4-dynamic.agg2.wrd.chf-qkr.eircom.net","tftp",5466,"IE","DUBLIN","DUBLIN",518210,737415,5,0,"Not defined","Get not supported",22
"2016-03-28 00:28:55","66.245.201.39","udp",60150,"netblock-66-245-201-39.dslextreme.com","tftp",19817,"US","CALIFORNIA","MONROVIA",518210,737415,5,0,"Not defined","Get not supported",22
"2016-03-28 00:28:55","210.240.15.233","udp",69,,"tftp",1659,"TW","TAIPEI CITY","TAIPEI",0,0,5,4,"Illegal TFTP operation","Invalid file",17
"2016-03-28 00:28:55","190.215.19.48","udp",32781,,"tftp",18822,"CL","REGION METRO DE SANTIAGO","SANTIAGO",0,0,5,2,"Access violation","Access violation",21
"2016-03-28 00:28:55","184.47.188.119","udp",46977,"adsl-184-47-188-119.asm.bellsouth.net","tftp",7018,"US","GEORGIA","COLUMBUS",518210,737415,5,0,"Not defined","Get not supported",22
"2016-03-28 00:28:55","74.58.11.137","udp",69,"modemcable137.11-58-74.mc.videotron.ca","tftp",5769,"CA","QUEBEC","POINTE-CLAIRE",518210,737415,5,2,"Access violation","No such file or directory",30

Our 76 Report Types

« Back to Network Reporting