RE: Advanced Tcp/IP Filtering

From: Shawn Shepherd[MSFT] (shawnsh@microsoft.com)
Date: 01/08/03 

From: shawnsh@microsoft.com (Shawn Shepherd[MSFT])
Date: Wed, 08 Jan 2003 00:39:16 GMT

Shahar,

Here are some helpful links on this.

283679 Information About the IIS File Transmission Protocol (FTP) Service
http://support.microsoft.com/?id=283679

"The IIS-based FTP service (MSFTPSVC) supports both active and passive mode
connections, depending on the method that is specified by the client. IIS
does not support disabling either active or passive mode connections, due
to the lack of such a feature in RFC 959. Unlike HTTP and most other
protocols used on the Internet, the FTP protocol uses a minimum of two
connections during a session: a half-duplex connection for control, and a
full-duplex connection for data transfer. By default, TCP port 21 is used
on the server for the control connection, but the data connection is
determined by the method that the client uses to connect to the server."

309816 HOW TO: Configure Internet Explorer to Use Both the FTP PORT Mode and
http://support.microsoft.com/?id=309816

"This article describes how to configure Internet Explorer to use both the
File Transfer Protocol (FTP) PORT mode and PASV mode.

FTP supports two modes. These modes are called Standard (or Active) and
Passive (or "PASV"). The Standard mode FTP client sends PORT commands to
the FTP server. The Passive mode client sends PASV commands to the FTP
Server. These commands are sent over the FTP command channel........"

Thank you for using Microsoft Partner Support.
 
Shawn Shepherd[MSFT]
MCSE/MCP+I
Online Support Professional

This posting is provided "AS IS" with no warranties, and confers no rights.
Get Secure! - www.microsoft.com/security

Relevant Pages

  • RE: Telnet/ftp problems SBS2000
    ... Please make sure your client computers are configured as both Firewall ... will find two options "Enable folder view for FTP sites" and "Use Passive ... that the control connection has been successfully established, ... (other than port 21) ...
    (microsoft.public.windows.server.sbs)
  • Re: IPSwitch, Inc. WS_FTP Server
    ... > bounce attack as well as PASV connection hijacking. ... > The FTP bounce vulnerability allows a remote attacker to cause the ... > anonymously along with any internal addresses that the FTP server has ... That means it's got to handle a PORT ...
    (Bugtraq)
  • Re: FTP question
    ... |> I have one server that has had connectivity issues this past week ... |> directed at trying yet another ftp software. ... |> or an error about the socket connection. ... |> own modem and a Linksey router using Xp 64bit system. ...
    (microsoft.public.windowsxp.network_web)
  • Re: Advanced Tcp/IP Filtering
    ... > 283679 Information About the IIS File Transmission Protocol (FTP) Service ... > full-duplex connection for data transfer. ... > File Transfer Protocol PORT mode and PASV mode. ...
    (microsoft.public.win2000.security)
  • Re: Does OpenSSH use RCP?
    ... TCP connection can be tuned for optimal performance. ... FTP command ... And then ssh comes along and crams interactive logins, ... straightjacket, but it's a really comfy and warm straightjacket, and the world ...
    (comp.security.unix)