Security Basics mailing list archives
Re: Windows XP and FTP
From: "Hamish Stanaway" <koremeltdown () hotmail com>
Date: Mon, 16 Jan 2006 08:36:56 +0000
Thanks so much Nick,This is too what I thought - however I was hoping for a work around, or patch to fix this issue - it is going to be hard to explain to every client I have using XP that they will have to disable their firewalls - hopefully someone can shed some light on this issue for both of us.
Kindest of regards, Hamish Stanaway, CEO Absolute Web Hosting / -= KoRe WoRkS =- Internet Security Auckland, New Zealand http://www.webhosting.net.nz http://www.buywebhosting.co.nz http://www.koreworks.com
From: nick <nick () mobilia it> To: Ansgar -59cobalt- Wiechers <bugtraq () planetcobalt net> CC: security-basics () securityfocus com Subject: Re: Windows XP and FTP Date: Fri, 13 Jan 2006 09:58:26 +0100 MIME-Version: 1.0Received: from outgoing.securityfocus.com ([205.206.231.27]) by bay0-mc2-f4.bay0.hotmail.com with Microsoft SMTPSVC(6.0.3790.211); Sun, 15 Jan 2006 10:12:39 -0800 Received: from outgoing.securityfocus.com by outgoing.securityfocus.com via smtpd (for mail.hotmail.com [65.54.244.40]) with ESMTP; Sun, 15 Jan 2006 09:49:36 -0800 Received: from lists.securityfocus.com (lists.securityfocus.com [205.206.231.19])by outgoing3.securityfocus.com (Postfix) with QMQPid C9D8023D7FD; Fri, 13 Jan 2006 11:04:54 -0700 (MST)Received: (qmail 1928 invoked from network); 13 Jan 2006 08:37:39 -0000 X-Message-Info: JGTYoYF78jGdnwFcx9O+QyGqy8tZRvhafgQ3ZaoooPs= Mailing-List: contact security-basics-help () securityfocus com; run by ezmlm Precedence: bulk List-Id: <security-basics.list-id.securityfocus.com> List-Post: <mailto:security-basics () securityfocus com> List-Help: <mailto:security-basics-help () securityfocus com> List-Unsubscribe: <mailto:security-basics-unsubscribe () securityfocus com> List-Subscribe: <mailto:security-basics-subscribe () securityfocus com> Delivered-To: mailing list security-basics () securityfocus com Delivered-To: moderator for security-basics () securityfocus com User-Agent: Mozilla Thunderbird 1.0.2 (Windows/20050317) X-Accept-Language: en-us, enReferences: <20060110011058.12554.qmail () securityfocus com> <20060111144644.A8561 () planetcobalt net>X-Virus-Scanned: amavisd-new at mobilia.itReturn-Path: security-basics-return-37743-koremeltdown=hotmail.com () securityfocus com X-OriginalArrivalTime: 15 Jan 2006 18:12:39.0317 (UTC) FILETIME=[4517A450:01C619FF]Ansgar -59cobalt- Wiechers wrote:I just dealt with a user who was unable to connect with XP and FTPX, but if they used the command line, it worked just fine. PASV mode didn't seem to make any difference. It's almost like the XP firewall doesn't keep ftp states. I use an iptables firewall to connect to the server (proftpd) and have 0 problems. When I had the user disable the windows firewall, it connected immediately. It's a recent problem, I have a feeling that MS changed the behaviour of the firewall recently, perhaps inadvertantly?On 2006-01-10 koremeltdown () hotmail com wrote:I have Windows XP (as do many of my clients) and have noticed something strange. When trying to access my server(s) via FTP, when Windows (XP Pro) Firewall is turned on, you cannot perform this task. Sometimes it has problems resolving the hostname, sometimes it just doesn't connect at all. When disabling Windows Firewall FTP works fine, however when just enabling FTP Access via the firewall configuration it doesn't seem to want to work. My XP using clients seem to be having the same problem.Looks like you (and your clients) are using FTP in active mode. In that case the FTP server tries to establish the data connection to the client which is then intercepted by the Windows Firewall. Try using passive mode. If you use the commandline FTP client: ftp.exe from Windows does only support active mode IIRC, so use something like ncftp [1] instead. [1] http://www.ncftp.com/ Regards Ansgar WiechersI recommended that the user try another firewall, but this seems like an MS problem...--------------------------------------------------------------------------- EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINEThe Norwich University program offers unparalleled Infosec management education and the case study affords you unmatched consulting experience. Tailor your education to your own professional goals with degree customizations including Emergency Management, Business Continuity Planning, Computer Emergency Response Teams, and Digital Investigations.http://www.msia.norwich.edu/secfocus ----------------------------------------------------------------------------
--------------------------------------------------------------------------- EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINEThe Norwich University program offers unparalleled Infosec management education and the case study affords you unmatched consulting experience. Tailor your education to your own professional goals with degree customizations including Emergency Management, Business Continuity Planning, Computer Emergency Response Teams, and Digital Investigations.
http://www.msia.norwich.edu/secfocus ----------------------------------------------------------------------------
Current thread:
- Windows XP and FTP koremeltdown (Jan 10)
- Re: Windows XP and FTP Mark Owen (Jan 11)
- Re: Windows XP and FTP Hamish Stanaway (Jan 16)
- Re: Windows XP and FTP Fabien Degouet (Jan 12)
- Re: Windows XP and FTP Ansgar -59cobalt- Wiechers (Jan 12)
- Re: Windows XP and FTP Hamish Stanaway (Jan 15)
- Re: Windows XP and FTP Patrick Benson (Jan 17)
- Re: Windows XP and FTP nick (Jan 15)
- Re: Windows XP and FTP Hamish Stanaway (Jan 16)
- Re: Windows XP and FTP Hamish Stanaway (Jan 15)
- Re: Windows XP and FTP Shadow Mlists (Jan 14)
- Re: Windows XP and FTP Hamish Stanaway (Jan 16)
- <Possible follow-ups>
- Re: Windows XP and FTP unimportant (Jan 11)
- RE: Windows XP and FTP Roger A. Grimes (Jan 11)
- Re: Windows XP and FTP Hamish Stanaway (Jan 16)
- Re: Windows XP and FTP PCSC Information Services (Jan 16)
- Re: Windows XP and FTP Hamish Stanaway (Jan 17)
- Re: Windows XP and FTP PCSC Information Services (Jan 16)
- RE: Windows XP and FTP Mike Fetherston (Jan 17)
- RE: Windows XP and FTP Hamish Stanaway (Jan 20)
- RE: Windows XP and FTP Daniel Jimenez (Jan 20)
(Thread continues...)
- Re: Windows XP and FTP Mark Owen (Jan 11)