RE: Windows XP and FTP
- From: Mike Fetherston <mike_sha@xxxxxxx>
- Date: Tue, 17 Jan 2006 08:50:57 -0500
Why not just use IE's built-in ftp capabilities? You can set it to passive
mode by going to Tools > Options > Advanced and ticking off "Use Passive
FTP". Then it's just a simple matter of typing in ftp://ftp.host.com in the
address bar and supplying your credentials.
Mike Fetherston
> -----Original Message-----
> From: Hamish Stanaway [mailto:koremeltdown@xxxxxxxxxxx]
> Sent: Monday, January 16, 2006 3:37 AM
> To: nick@xxxxxxxxxx; bugtraq@xxxxxxxxxxxxxxxx
> Cc: security-basics@xxxxxxxxxxxxxxxxx
> Subject: Re: Windows XP and FTP
>
> Thanks so much Nick,
>
> This is too what I thought - however I was hoping for a work around, or
> patch to fix this issue - it is going to be hard to explain to every
> client
> I have using XP that they will have to disable their firewalls - hopefully
> someone can shed some light on this issue for both of us.
>
>
>
> Kindest of regards,
>
> Hamish Stanaway, CEO
>
> Absolute Web Hosting / -= KoRe WoRkS =- Internet Security
> Auckland, New Zealand
>
> http://www.webhosting.net.nz
> http://www.buywebhosting.co.nz
> http://www.koreworks.com
>
>
>
>
>
> >From: nick <nick@xxxxxxxxxx>
> >To: Ansgar -59cobalt- Wiechers <bugtraq@xxxxxxxxxxxxxxxx>
> >CC: security-basics@xxxxxxxxxxxxxxxxx
> >Subject: Re: Windows XP and FTP
> >Date: Fri, 13 Jan 2006 09:58:26 +0100
> >MIME-Version: 1.0
> >Received: from outgoing.securityfocus.com ([205.206.231.27]) by
> >bay0-mc2-f4.bay0.hotmail.com with Microsoft SMTPSVC(6.0.3790.211); Sun,
> 15
> >Jan 2006 10:12:39 -0800
> >Received: from outgoing.securityfocus.com by outgoing.securityfocus.com
> > via smtpd (for mail.hotmail.com [65.54.244.40]) with ESMTP; Sun, 15
> >Jan 2006 09:49:36 -0800
> >Received: from lists.securityfocus.com (lists.securityfocus.com
> >[205.206.231.19])by outgoing3.securityfocus.com (Postfix) with QMQPid
> >C9D8023D7FD; Fri, 13 Jan 2006 11:04:54 -0700 (MST)
> >Received: (qmail 1928 invoked from network); 13 Jan 2006 08:37:39 -0000
> >X-Message-Info: JGTYoYF78jGdnwFcx9O+QyGqy8tZRvhafgQ3ZaoooPs=
> >Mailing-List: contact security-basics-help@xxxxxxxxxxxxxxxxx; run by
> ezmlm
> >Precedence: bulk
> >List-Id: <security-basics.list-id.securityfocus.com>
> >List-Post: <mailto:security-basics@xxxxxxxxxxxxxxxxx>
> >List-Help: <mailto:security-basics-help@xxxxxxxxxxxxxxxxx>
> >List-Unsubscribe: <mailto:security-basics-unsubscribe@xxxxxxxxxxxxxxxxx>
> >List-Subscribe: <mailto:security-basics-subscribe@xxxxxxxxxxxxxxxxx>
> >Delivered-To: mailing list security-basics@xxxxxxxxxxxxxxxxx
> >Delivered-To: moderator for security-basics@xxxxxxxxxxxxxxxxx
> >User-Agent: Mozilla Thunderbird 1.0.2 (Windows/20050317)
> >X-Accept-Language: en-us, en
> >References: <20060110011058.12554.qmail@xxxxxxxxxxxxxxxxx>
> ><20060111144644.A8561@xxxxxxxxxxxxxxxx>
> >X-Virus-Scanned: amavisd-new at mobilia.it
> >Return-Path:
> >security-basics-return-37743-koremeltdown=hotmail.com@xxxxxxxxxxxxxxxxx
> >X-OriginalArrivalTime: 15 Jan 2006 18:12:39.0317 (UTC)
> >FILETIME=[4517A450:01C619FF]
> >
> >Ansgar -59cobalt- Wiechers wrote:
> >>On 2006-01-10 koremeltdown@xxxxxxxxxxx wrote:
> >>
> >>>I have Windows XP (as do many of my clients) and have noticed
> >>>something strange. When trying to access my server(s) via FTP, when
> >>>Windows (XP Pro) Firewall is turned on, you cannot perform this task.
> >>>Sometimes it has problems resolving the hostname, sometimes it just
> >>>doesn't connect at all. When disabling Windows Firewall FTP works
> >>>fine, however when just enabling FTP Access via the firewall
> >>>configuration it doesn't seem to want to work. My XP using clients
> >>>seem to be having the same problem.
> >>
> >>
> >>Looks like you (and your clients) are using FTP in active mode. In that
> >>case the FTP server tries to establish the data connection to the client
> >>which is then intercepted by the Windows Firewall. Try using passive
> >>mode.
> >>
> >>If you use the commandline FTP client: ftp.exe from Windows does only
> >>support active mode IIRC, so use something like ncftp [1] instead.
> >>
> >>[1] http://www.ncftp.com/
> >>
> >>Regards
> >>Ansgar Wiechers
> >I just dealt with a user who was unable to connect with XP and FTPX, but
> if
> >they used the command line, it worked just fine. PASV mode didn't seem to
> >make any difference. It's almost like the XP firewall doesn't keep ftp
> >states. I use an iptables firewall to connect to the server (proftpd) and
> >have 0 problems. When I had the user disable the windows firewall, it
> >connected immediately. It's a recent problem, I have a feeling that MS
> >changed the behaviour of the firewall recently, perhaps inadvertantly?
> >
> >I recommended that the user try another firewall, but this seems like an
> >MS problem...
> >
> >
> >
> >-------------------------------------------------------------------------
> --
> >EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE
> >The Norwich University program offers unparalleled Infosec management
> >education and the case study affords you unmatched consulting experience.
> >Tailor your education to your own professional goals with degree
> >customizations including Emergency Management, Business Continuity
> >Planning, Computer Emergency Response Teams, and Digital Investigations.
> >
> >http://www.msia.norwich.edu/secfocus
> >-------------------------------------------------------------------------
> ---
> >
>
>
>
> --------------------------------------------------------------------------
> -
> EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE
> The Norwich University program offers unparalleled Infosec management
> education and the case study affords you unmatched consulting experience.
> Tailor your education to your own professional goals with degree
> customizations including Emergency Management, Business Continuity
> Planning,
> Computer Emergency Response Teams, and Digital Investigations.
>
> http://www.msia.norwich.edu/secfocus
> --------------------------------------------------------------------------
> --
---------------------------------------------------------------------------
EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE
The Norwich University program offers unparalleled Infosec management
education and the case study affords you unmatched consulting experience.
Tailor your education to your own professional goals with degree
customizations including Emergency Management, Business Continuity Planning,
Computer Emergency Response Teams, and Digital Investigations.
http://www.msia.norwich.edu/secfocus
----------------------------------------------------------------------------
- Follow-Ups:
- RE: Windows XP and FTP
- From: Hamish Stanaway
- RE: Windows XP and FTP
- Prev by Date: Re: Anti-Virus
- Next by Date: Re: Windows Log
- Previous by thread: Re: Windows XP and FTP
- Next by thread: RE: Windows XP and FTP
- Index(es):
Relevant Pages
|
