Re: FTP partially blocked-- how to trace?



On Aug 19, 7:23 am, Mike
<turnpike_user@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx> wrote:
In message <slrnfcg1c5.64g.t...@xxxxxxxxxxxxxxxxxxxx>
at 10:55:33 on Sun, 19 Aug 2007, Theo v. Werkhoven
<t...@xxxxxxxxxxxxxxxxxxxxxxxx> wrote>The carbonbased lifeform red inspired comp.security.firewalls with:
Hello,

I use various programs to such as Ultraedit to upload files via FTP.
On one site, all of a sudden I began having a mysterious problem. I
can log onto the site, but I cannot do anything alse. I am able to get
the name of the directory I am in but I can't get any other directory
information, change directories or access any files.

Sounds like a (Unix) permission problem.
Try 'ls -al' in that directory and see if this and other directories
have the 'x' (search bit) and 'r' (read bit) set for the user and group.

Theo

>
The OP probably won't know what user and group are. Permissions could
be something like rwxrwxrwx or r--r--r-- for example
The first 3 characters refer to user, the next 3 the group and the final
3 "other users"

Doesn't he want to be looking at the permissions on the directory
itself, so he needs to go up to the parent directory - possibly won't be
able to do that unless he has access to the full directory structure

Anyway, I had similar experiences to the OP when I started using
Kapersky, and I've never got to the bottom of it.
--
Mike News

I figured it out. Once I realized that WinSCP works because it uses a
secure protocol, it was obvious that someone must have changed
something on the server to only allow secure FTP. When I changed the
protocol in Ultraedit from SCP to SFTP -SSH2 it fixed the problem.

As a test, I changed the protocol in WinSCP from SFTP to SCP and it
still worked. So the permission denials were not based on using SCP as
an FTP protocol - they were based on SSH

Then I changed the SSH to SSH1 and it didn't work anymore.

I'm not sure this has anything to do with SSH but the permissions of
the root folder are
rwxr-xr-x

There's one thing that still doesn't make sense though:

Other servers that I FTP to also require SSH2. If I try to log onto
them using WinSCP with SSH1, I can't even log on. But if I uncheck
SFTP -SSH2 in UltraEdit, it still works fine. I'm not sure what's
going on there.

Why does not having SFTP -SSH2 checked work fine on one server that
requires SSH2 but not another server that also requires SSH2. I would
think the difference would be in the FTP protocol(SFTP vs SCP) but as
I said SFTP doesn't seem to be required on the same server that
requires that SFTP -SSH2 be checked.

It works well enough that I can get back to work, but its little
things like that that bug me no end.

.