Security Basics mailing list archives
RE: Passive FTP
From: Roberto Alcantara <roberto () fortalnet com br>
Date: Wed, 1 Jun 2005 08:31:46 -0300 (BRT)
Thank you of your and all others answers.I will look more about proftp and vftp config to see about IP range to passive mode.
Best regards, Roberto Alcântara On Wed, 1 Jun 2005 Tim.BUTTON () dest gov au wrote:
It will depend on if your firewall does stateful inspection or not and how it handles FTP in general. FW1, Gauntlet, Sidewinder and Cyberguard all inspect the FTP traffic and are able to recognise the outgoing data connection from the client to the server - therefore, the only rule you need to add is the one to allow the client to go outbound to the server on 21. I'm unsure about devices such as Pix. FWIW, I've found most devices actually handle passive better than they do active.... Cheers Tim -----Original Message----- From: Roberto Alcantara [mailto:roberto () fortalnet com br] Sent: Tuesday, 31 May 2005 23:09 To: security-basics () securityfocus com Subject: Passive FTP Guys, to able my FTP users in passive mode need I realy accept in my firewall connections from 1024-65535 ports ? Best regards, Roberto Notice: The information contained in this e-mail message and any attached files may be confidential information, and may also be the subject of legal professional privilege. If you are not the intended recipient any use, disclosure or copying of this e-mail is unauthorised. If you have received this e-mail in error, please notify the sender immediately by reply e-mail and delete all copies of this transmission together with any attachments.
-- Roberto Alcantara Filho e-mail: roberto () fortalnet com br Técnico de CPD , FORTALNET url: http://www.fortalnet.com.br Provedor de Acesso à Internet fone/fax: (+55) 85 4005 8000
Current thread:
- RE: Passive FTP Jensen, Peter (Jun 01)
- <Possible follow-ups>
- Re: Passive FTP Abdurrahman Beyazaslan (Jun 01)
- RE: Passive FTP Alexandre Skyrme (Jun 01)
- Re: Passive FTP Frankie Li (Jun 01)
- RE: Passive FTP David Gillett (Jun 01)
- Re: Passive FTP Joerg Zimmermann (Jun 01)
- Re: Passive FTP Glenn English (Jun 01)
- RE: Passive FTP Tim.BUTTON (Jun 01)
- RE: Passive FTP Roberto Alcantara (Jun 01)
- Re: Passive FTP Michael Gale (Jun 01)
- Re: Passive FTP Ashish Popli (Jun 01)
- Re: Passive FTP Alexander Klimov (Jun 01)
- Re: Passive FTP eli (Jun 06)