Re: FTP question

From: Whoever (nobody@devnull.none)
Date: 02/03/03 

From: Whoever <nobody@devnull.none>
Date: Mon, 03 Feb 2003 07:23:51 GMT

On Sat, 1 Feb 2003, Olivier D wrote:

>
> "Allen Kistler" <ackistler@yahoo.com> wrote in message
> news:RyF_9.740$HG6.296094@newssrv26.news.prodigy.com...
> > Olivier D wrote:
> > > I have an FTP-problem that puzzles me. I have two systems behind a
> firewall
> > > (Clarkconnect 1.2), one RedHat 8.0, the other (don't laugh) Win2k. With
> > > Win2k I can FTP to a (firewalled) ftp-server (part of a Win2k-domain)
> and
> > > up/download data. With RedHat, I can log in with both gFTP and ncftp,
> but I
> > > can /only/ transfer data with ncftp (gftp produces a timeout). Both
> machines
> > > have zero firewall (thats done by the Clarkconnect-linux machine; I
> already
> > > checked the firewall settings on both machines).
> > >
> > > [snip]
> >
> > Probably the difference is active ftp vs. passive ftp. Windows command
> > line ftp uses active ftp. IE with an ftp url uses passive ftp. You can
> > use those facts to test active vs. passive from your W2k machine. Just
> > try to log in somewhere and get a directory.
> >
>
> Dear Allen,
>
>
> I've talked to the admin of the ftp-server, and only /active/ transfer works
> (because except for port 21, the ftp-server is completely firewalled). I
> know ncftp automatically switches to whichever works, so that would be
> active transfer mode. gFtp, however, doesn't work when I switch off passive
> transfer mode (and ofcourse, doesn't work either when I /do/ use passive)
>
> I tried using IE-ftp, but as I said, the ftp-server is firewalled for all
> ports except 21, so no luck there.
>

OK, so the admin of the ftp-server does not know what he is talking about.

FTP uses port 21 for the command channel. Data transfers use port 20
(irrespective of whether it is passive or active).

Now whether active or passive works is more likely to be an issue with
YOUR (the client) firewall -- assuming you are behind a NAT firewall.

So, gather and post more info.

Relevant Pages

  • Re: Hacked? External address knocks on internal private address...
    ... The important part of your message is that FTP is allowed out... ... You open a connection to an FTP Server and logon. ... When you ask the server for a file the server issues a "PORT" command ... so it can open a port on the firewall to allow the incoming Data ...
    (comp.security.firewalls)
  • RE: FTP Window of opportunity?
    ... does it seemingly accept the connections and drop them once the response ... Subject: FTP Window of opportunity? ... blocked by the firewall. ... the FTP port shows up. ...
    (Pen-Test)
  • Re: Shared Printer Problem
    ... "Printer status cannot be displayed with port that is currently running." ... file/printer sharing and then install the correct drivers for your printer ... start by running the Network Setup Wizard on all machines (see ... by 1) a misconfigured firewall or overlooked firewall (including a stateful ...
    (microsoft.public.windows.vista.print_fax_scan)
  • RE: FTP Window of opportunity?
    ... target on the line when in reality it was just a firewall lying to them. ... The connection connects and then immediately ... Subject: FTP Window of opportunity? ... the FTP port shows up. ...
    (Pen-Test)
  • Re: FTP error using a MAC
    ... Yes, you are using active mode, but the firewall/NAT can't take care of it ... behind a firewall, you then told me to change to active mode? ... In active mode the FTP client connects from a random unprivileged port N ...
    (microsoft.public.inetserver.iis.ftp)
Quantcast