Re: [fw-wiz] Variations of firewall ruleset bypass via FTP

From: Carson Gaspar (
Date: 10/11/02

From: Carson Gaspar <>
To: Firewall Wizards <>
Date: Fri Oct 11 07:55:03 2002

--On Thursday, October 10, 2002 10:40 PM -0400 "Paul D. Robertson"
<> wrote:

> One of the things that makes FTP such a bad case is that protecting the
> server means going to active FTP and protecting the clients means going
> to PASV mode. So there's not a natural protection point that allows
> both to be satisfied.

An application proxy that does PASV->PORT translation achieves exactly
this. Trivial to do (and was done in FWTK ftp-gw years ago).


Relevant Pages

  • Re: Encrypted traffic
    ... In the Usenet newsgroup, ... >routes it until it reaches the company's gateway and the server. ... or fiber (packets harder to sniff). ... If someone isn't protecting your information that you consider sensitive, ...
  • Re: OWA resolution issues on the WAN
    ... MVP - Exchange ... "Protecting the world from PSTs and brick backups!" ... I am successfully able to ping the server so any other ...
  • RE: Password Protecting A Subweb
    ... folder. ... | Subject: Password Protecting A Subweb ... | the "server" menu choice is grayed-out on my PC. ...
  • Re: [9fans] a few Qs regarding cpu/auth server
    ... if we're just protecting against people wandering by who are ... The whole friggin' point of a colo is that you trust the people ... server, if you're going to be dumb enough to leave the head attached). ... users has been that I keep the monitor off, and in those 2 years I ...
  • Re: Document containing many ActiveX controls prints out blank
    ... Are you protecting with the correct Type and NoReset values? ... I have a 9 page Word document that contains a large number of ActiveX ... PS Getting the clients to use Infopath for data input is a non-starter. ...