Re: ZoneAlarm blocks FTP apps

From: Michael J. Pelletier (mjpelletier_at_mjpelletier.com)
Date: 01/21/05


Date: Thu, 20 Jan 2005 18:02:25 -0800

Michael J. Pelletier wrote:

> Reader wrote:
>
>> Michael J. Pelletier wrote:
>>
>>> When you set up the rules, did you allow BOTH port 20 and 21 (Active
>>> FTP)? Remember that FTP uses TWO ports. Also, you should review the
>>> difference between passive vs active FTP. I am not sure which one you
>>> are using. Active FTP uses port 21 and port 20. One port is for
>>> commands and the other is for the transfer of data.
>>
>> I'm using ZoneAlarm with Antivirus, paid version, v5.5.062.004.
>> Using passive mode (or not) hasn't made any difference. I don't
>> know how to allow both ports 20 and 21 in ZA... I can't find any
>> option for it?
>>
>> For the record, in the "Firewall" section of ZoneAlarm: if I select
>> "Medium" for the Internet Zone Security, then FTP works. It's only
>> when I leave it on the (default) setting of "High" that it blocks FTP.
>>
>> Does this info help?
>
> I don't use ZoneAlarm or Windows. So, I can't help you much on
> that...sorry...
>
> -- Michael

This might help you out. FTP uses two connections. There is a control
connection and a data connection. A connection being a source/destination
port pair (for lack of a better description). Think of one connection as a
port on your computer connecting to a remote server's port (also called
sockets. A socket is just the IP+port number pair).

FTP has had problems going through firewalls as many people do not realize
that there are two different techniques for running an FTP server. These two
ways are FTP active and FTP passive. They differ in how the data port is
set up.

I hate typing, so I found you a good web site that describes it pretty well.

http://slacksite.com/other/ftp.html

P.S. You might try posting your question to one of the firewall groups
(comp.security.firewalls). As I said before, I do not use ZoneAlarm (or
Windose). There should be someone there that uses it and can be of better help
than I.

Good luck,
Michael
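
The active/passive difference in how the data port is set up, as an added example that is not part of the original post: it decodes the `h1,h2,h3,h4,p1,p2` field of a `PORT` command or a `227` reply and reports which side opens the data connection and to which endpoint, which is what a firewall rule has to permit. The sample lines use constructed documentation addresses, and the function names are hypothetical.

```python
import re

# Six comma-separated decimal bytes: h1,h2,h3,h4,p1,p2 (RFC 959 host-port format).
HOSTPORT = re.compile(r"(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3})")
SERVER_ACTIVE_DATA_PORT = 20  # standard source port for active-mode data


def decode_hostport(text):
    """Return (ip, port) from an h1,h2,h3,h4,p1,p2 field, or None if absent/invalid."""
    m = HOSTPORT.search(text)
    if not m:
        return None
    nums = [int(n) for n in m.groups()]
    if any(n > 255 for n in nums):
        return None
    return ".".join(map(str, nums[:4])), nums[4] * 256 + nums[5]


def data_connection(line):
    """Describe the data connection that one control-channel line sets up.

    Returns the mode, which side initiates, the source port (if fixed) and
    the destination endpoint, or None for lines that set up no data port.
    """
    line = line.strip()
    if line.upper().startswith("PORT "):   # sent by the client: active mode
        ep = decode_hostport(line[5:])
        if ep:                             # server dials IN to the client
            return {"mode": "active", "initiator": "server",
                    "src_port": SERVER_ACTIVE_DATA_PORT, "dst": ep}
    elif line.startswith("227"):           # sent by the server: passive mode
        ep = decode_hostport(line[3:])
        if ep:                             # client dials OUT from an ephemeral port
            return {"mode": "passive", "initiator": "client",
                    "src_port": None, "dst": ep}
    return None


# Constructed control-channel lines (documentation addresses, not from the thread).
SAMPLE = [
    "USER anonymous",
    "PORT 192,0,2,10,19,137",
    "227 Entering Passive Mode (198,51,100,7,195,80)",
]

if __name__ == "__main__":
    for entry in SAMPLE:
        print(entry, "->", data_connection(entry))
```

In the active case the destination is on the client's side, so the client's firewall sees an unsolicited inbound connection from the server's port 20; in the passive case both connections are outbound from the client.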


