Re: active ftp through firewall
From: Barry Margolin (barmar_at_alum.mit.edu)
Date: 05/20/04
- Next message: phn_at_icke-reklam.ipsec.nu: "Re: active ftp through firewall"
- Previous message: jpd: "Re: active ftp through firewall"
- In reply to: jpd: "Re: active ftp through firewall"
- Next in thread: jpd: "Re: active ftp through firewall"
- Reply: jpd: "Re: active ftp through firewall"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Thu, 20 May 2004 12:09:25 -0400
In article <1085036311.748582@ente.ipberlin.com>,
jpd <read_the_sig@do.not.spam.it> wrote:
> ["Followup-To:" header set to comp.security.unix.]
> On 2004-05-20, Barry Margolin <barmar@alum.mit.edu> wrote:
> > Firewalls are supposed to watch the traffic on the FTP command channel,
> > and notice when a PORT command goes through so that they can open up
> > that port for an inbound connection from the FTP server.
>
> And why do you suppose them to do so?
Because it's important to support a heavily-used Internet application
protocol.
> A simple port blocking firewall
> does no such thing.
That makes them poor firewalls.
There are many who don't even like to use the term "firewall" when
referring to simple, stateless port filters like this. I'm not so
pedantic, but this is the type of difference that can be important.
-- Barry Margolin, barmar@alum.mit.edu Arlington, MA *** PLEASE post questions in newsgroups, not directly to me ***
- Next message: phn_at_icke-reklam.ipsec.nu: "Re: active ftp through firewall"
- Previous message: jpd: "Re: active ftp through firewall"
- In reply to: jpd: "Re: active ftp through firewall"
- Next in thread: jpd: "Re: active ftp through firewall"
- Reply: jpd: "Re: active ftp through firewall"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
