Re: Active ftp connection

From: Fernando Gleiser (fgleiser_at_cactus.fi.uba.ar)
Date: 12/18/04

  • Next message: security_at_revolutionsp.com: "Re: Strange command histories in hacked shell server" 
    Date: Sat, 18 Dec 2004 10:10:33 -0300 (ART)
To: wsx <security@noc.kstu-kai.ru>

    On Sat, 18 Dec 2004, wsx wrote:

    > Hello dear friends...
    >
    > I have a trouble. My FTP server must have an active ftp connection.
    > It means what in ipfw rules I must allow outgoing connections(like ipfw add
    > allow tcp from me to any keep-state).
    > But I don't want use this rule. I want to restrict my outgoing connections. Is

    Active FTP-data goes from server IP:port 20 to client IP:random port.

    You don't need to open ALL ourgoing traffic, just those coming from port 20
    on your ftp server.

                    Fer
    _______________________________________________
    freebsd-security@freebsd.org mailing list
    http://lists.freebsd.org/mailman/listinfo/freebsd-security
    To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"

  • Next message: security_at_revolutionsp.com: "Re: Strange command histories in hacked shell server"

    Relevant Pages

    • RE: blocking IPs for FTP server
      ... With Port Sentry you can use the Advanced Stealth Scan Detection. ... blocking IPs for FTP server ... holding too many open connections. ...
      (Security-Basics)
    • RE: Hidden windows ports, files and services.
      ... also apply for IE's cache. ... be the work of a root kit of some sort. ... and I'd like to analyze the ftp server. ... |was by doing an nmap port scan of the system. ...
      (Security-Basics)
    • Re: Hidden windows ports, files and services.
      ... and I'd like to analyze the ftp server. ... Prior to XP SP2, I used to be able to go through the c$ share and see ... was by doing an nmap port scan of the system. ... downloaded fresh version of each and tried again. ...
      (Security-Basics)
    • Re: Ports necessary for running a FTP-server?
      ... The FTP server should be listening on the LAN IP address of the Winroute ... The port mapping should redirect FTP traffic to the Winroute LAN ... >> install will not allow an Internet client to connect to a Winroute ...
      (comp.security.firewalls)
    • Re: Cant ftp from Linux box to windows-server - setsockopt
      ... It could be the ftp server passive port range was blocked. ... have you try active mode connection to the server? ... > 230 User myusernameatftpserver logged in. ...
      (microsoft.public.inetserver.iis.ftp)