RE: Passive FTP
From: Roberto Alcantara (roberto_at_fortalnet.com.br)
Date: Wed, 1 Jun 2005 08:31:46 -0300 (BRT) To: email@example.com
Thank you of your and all others answers.
I will look more about proftp and vftp config to see about IP range to
On Wed, 1 Jun 2005 Tim.BUTTON@dest.gov.au wrote:
> It will depend on if your firewall does stateful inspection or not and
> how it handles FTP in general. FW1, Gauntlet, Sidewinder and Cyberguard
> all inspect the FTP traffic and are able to recognise the outgoing data
> connection from the client to the server - therefore, the only rule you
> need to add is the one to allow the client to go outbound to the server
> on 21. I'm unsure about devices such as Pix.
> FWIW, I've found most devices actually handle passive better than they
> do active....
> -----Original Message-----
> From: Roberto Alcantara [mailto:firstname.lastname@example.org]
> Sent: Tuesday, 31 May 2005 23:09
> To: email@example.com
> Subject: Passive FTP
> Guys, to able my FTP users in passive mode need I realy accept in my
> firewall connections from 1024-65535 ports ?
> Best regards,
> The information contained in this e-mail message and any attached files may
> be confidential information, and may also be the subject of legal
> professional privilege. If you are not the intended recipient any use,
> disclosure or copying of this e-mail is unauthorised. If you have received
> this e-mail in error, please notify the sender immediately by reply e-mail
> and delete all copies of this transmission together with any attachments.
-- Roberto Alcantara Filho e-mail: firstname.lastname@example.org Técnico de CPD , FORTALNET url: http://www.fortalnet.com.br Provedor de Acesso à Internet fone/fax: (+55) 85 4005 8000