Re: IPFW almost works now -> stateful rules

From: Peter Pentchev (roam@orbitel.bg)
Date: 06/14/01


Date: Thu, 14 Jun 2001 19:45:56 +0300
From: Peter Pentchev <roam@orbitel.bg>
To: Igor Roshchin <str@giganda.komkon.org>

On Thu, Jun 14, 2001 at 11:59:28AM -0400, Igor Roshchin wrote:
>
>
> If those rules are all rules you have,
> and I didn't miss any line,
> no ftp would be allowed to go through, since
> there is no rule for the port 21.
> Aren't you mixing something ? ftp is at port 21.
> Port 22 is ssh.
> (Check /etc/services)
>
> However, I am puzzled, how do you manage to establish the initial connect
> at all.

This has been discussed before: his FTP server is listening on a high port.

G'luck,
Peter

-- 
If this sentence were in Chinese, it would say something else.
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message


Relevant Pages

  • RE: Telnet/ftp problems SBS2000
    ... Please make sure your client computers are configured as both Firewall ... will find two options "Enable folder view for FTP sites" and "Use Passive ... that the control connection has been successfully established, ... (other than port 21) ...
    (microsoft.public.windows.server.sbs)
  • SMART FTP
    ... Ftp Client To Smart How ... Active Mode Ftp Port Limit Smart ... Pro Keygen Ftp Smart Client ...
    (sci.anthropology)
  • FTP transfer port
    ... FTP transfer port ... the FTP server "listens" for client connections on its port 21. ... it will establish a separate control connection and data connection with ...
    (bit.listserv.ibm-main)
  • Re: Hacked? External address knocks on internal private address...
    ... The important part of your message is that FTP is allowed out... ... You open a connection to an FTP Server and logon. ... When you ask the server for a file the server issues a "PORT" command ... so it can open a port on the firewall to allow the incoming Data ...
    (comp.security.firewalls)
  • Re: Question: FTP via alternate port
    ... The problem with FTP is that it requires two ports to operate. ... FTP command stream in order to dynamically open that port for the data ... Ideally the attacker would want to upload another tool onto the ...
    (Pen-Test)