Security Basics mailing list archives
RE: Passive FTP
From: "Alexandre Skyrme" <alexandre.skyrme () ciphersec com br>
Date: Tue, 31 May 2005 12:10:36 -0300
Greetings Roberto, It isn't really clear on your message if you are running a server and want to allow passive connections to it or if you want to allow passive connections from your users to external FTP servers. There is a good explanation for both types of FTP connections, including diagrams and typical connections mappings, at http://slacksite.com/other/ftp.html. In case you're using Linux 2.4.X or newer with iptables there are some modules specifically intended to track FTP connections so you don't need to open up a wide range of ports for all connections, instead allowing only those related to FTP connections. Most statefull firewalls should be able to do so. Regards, -- Alexandre Skyrme Cipher - Segurança da Informação +55-21-2542-6677 www.ciphersec.com.br Esta mensagem eletrônica pode conter informações privilegiadas e/ou confidenciais, portanto fica o seu receptor notificado de que qualquer disseminação, distribuição ou cópia não autorizada é estritamente proibida. Se você recebeu esta mensagem indevidamente ou por engano, por favor, informe este fato ao remetente e a apague de seu computador imediatamente. This e-mail message may contain legally privileged and/or confidential information, therefore, the recipient is hereby notified that any unauthorized dissemination, distribution or copying is strictly prohibited. If you have received this e-mail message inappropriately or accidentally, please notify the sender and delete it from your computer immediately.
-----Original Message----- From: Roberto Alcantara [mailto:roberto () fortalnet com br] Sent: terça-feira, 31 de maio de 2005 10:09 To: security-basics () securityfocus com Subject: Passive FTP Guys, to able my FTP users in passive mode need I realy accept in my firewall connections from 1024-65535 ports ? Best regards, Roberto
Current thread:
- RE: Passive FTP Jensen, Peter (Jun 01)
- <Possible follow-ups>
- Re: Passive FTP Abdurrahman Beyazaslan (Jun 01)
- RE: Passive FTP Alexandre Skyrme (Jun 01)
- Re: Passive FTP Frankie Li (Jun 01)
- RE: Passive FTP David Gillett (Jun 01)
- Re: Passive FTP Joerg Zimmermann (Jun 01)
- Re: Passive FTP Glenn English (Jun 01)
- RE: Passive FTP Tim.BUTTON (Jun 01)
- RE: Passive FTP Roberto Alcantara (Jun 01)
- Re: Passive FTP Michael Gale (Jun 01)
- Re: Passive FTP Ashish Popli (Jun 01)
- Re: Passive FTP Alexander Klimov (Jun 01)
- Re: Passive FTP eli (Jun 06)