Security Basics mailing list archives

Previous By Date Next
Previous By Thread Next

RE: Windows XP and FTP

From: "Daniel Jimenez" <djimenez () teknicaitg com>
Date: Fri, 20 Jan 2006 12:46:00 -0800
Hi,

Has this computer experienced anything else unusual?  I have seen
similar things when trying to ftp into servers when the hard drives have
suffered some abuse (due to extreme temperatures, or abrupt power
failures).

If this is the case, your OS or Filesystem could possibly be corrupted.

Daniel Jimenez

-----Original Message-----
From: Hamish Stanaway [mailto:koremeltdown () hotmail com] 
Sent: Tuesday, January 17, 2006 9:17 PM
To: mike_sha () shaw ca; nick () mobilia it; bugtraq () planetcobalt net
Cc: security-basics () securityfocus com
Subject: RE: Windows XP and FTP

Hi there Mike,

I have tried this, however get the same result - it tells me I do not
have 
permission to access the folder.



Kindest of regards,

Hamish Stanaway, CEO

Absolute Web Hosting / -= KoRe WoRkS =- Internet Security
Auckland, New Zealand

http://www.webhosting.net.nz
http://www.buywebhosting.co.nz
http://www.koreworks.com






From: Mike Fetherston <mike_sha () shaw ca>
To: 'Hamish Stanaway' <koremeltdown () hotmail com>, nick () mobilia it, 
bugtraq () planetcobalt net
CC: security-basics () securityfocus com
Subject: RE: Windows XP and FTP
Date: Tue, 17 Jan 2006 08:50:57 -0500
MIME-Version: 1.0
Received: from pd7mo4no.prod.shaw.ca ([64.59.134.9]) by 
bay0-mc2-f14.bay0.hotmail.com with Microsoft SMTPSVC(6.0.3790.211);

Tue, 17 

Jan 2006 05:51:37 -0800
Received: from pd6mr7no.prod.shaw.ca (pd6mr7no-qfe2.prod.shaw.ca 
[10.0.144.220]) by l-daemon (Sun ONE Messaging Server 6.0 HotFix 1.01 
(built Mar 15 2004)) with ESMTP id <0IT800B1ZP5YMY60@l-daemon> for 
koremeltdown () hotmail com; Tue, 17 Jan 2006 06:51:34 -0700 (MST)
Received: from pn7ml1no.prod.shaw.ca ([10.0.149.110]) by 
pd6mr7no.prod.shaw.ca (Sun ONE Messaging Server 6.0 HotFix 1.01 (built

Mar 

15 2004)) with ESMTP id <0IT8002KKP5YPH00 () pd6mr7no prod shaw ca> for 
koremeltdown () hotmail com; Tue, 17 Jan 2006 06:51:34 -0700 (MST)
Received: from mike ([24.109.18.214]) by l-daemon (Sun ONE Messaging

Server 

6.0 HotFix 1.01 (built Mar 15 2004)) with ESMTP id 
<0IT80002VP5N5CA0@l-daemon> for koremeltdown () hotmail com; Tue, 17 Jan

2006 

06:51:33 -0700 (MST)
X-Message-Info: JGTYoYF78jHBMs6cVUM9z++oiyoeo8b9wHwFmUx7wWI=
X-MIMEOLE: Produced By Microsoft MimeOLE V6.00.2900.2180
X-Mailer: Microsoft Outlook, Build 10.0.6626
X-MSMail-priority: Normal
Return-Path: mike_sha () shaw ca
X-OriginalArrivalTime: 17 Jan 2006 13:51:37.0925 (UTC) 
FILETIME=[23005F50:01C61B6D]

Why not just use IE's built-in ftp capabilities?  You can set it to

passive

mode by going to Tools > Options > Advanced and ticking off "Use

Passive

FTP".  Then it's just a simple matter of typing in ftp://ftp.host.com

in 

the
address bar and supplying your credentials.

Mike Fetherston


-----Original Message-----
From: Hamish Stanaway [mailto:koremeltdown () hotmail com]
Sent: Monday, January 16, 2006 3:37 AM
To: nick () mobilia it; bugtraq () planetcobalt net
Cc: security-basics () securityfocus com
Subject: Re: Windows XP and FTP

Thanks so much Nick,

This is too what I thought - however I was hoping for a work around,

or

patch to fix this issue - it is going to be hard to explain to every
client
I have using XP that they will have to disable their firewalls - 

hopefully

someone can shed some light on this issue for both of us.



Kindest of regards,

Hamish Stanaway, CEO

Absolute Web Hosting / -= KoRe WoRkS =- Internet Security
Auckland, New Zealand

http://www.webhosting.net.nz
http://www.buywebhosting.co.nz
http://www.koreworks.com






From: nick <nick () mobilia it>
To: Ansgar -59cobalt- Wiechers <bugtraq () planetcobalt net>
CC: security-basics () securityfocus com
Subject: Re: Windows XP and FTP
Date: Fri, 13 Jan 2006 09:58:26 +0100
MIME-Version: 1.0
Received: from outgoing.securityfocus.com ([205.206.231.27]) by
bay0-mc2-f4.bay0.hotmail.com with Microsoft SMTPSVC(6.0.3790.211);

Sun,

15

Jan 2006 10:12:39 -0800
Received: from outgoing.securityfocus.com by

outgoing.securityfocus.com

     via smtpd (for mail.hotmail.com [65.54.244.40]) with ESMTP;

Sun, 

15

Jan 2006 09:49:36 -0800
Received: from lists.securityfocus.com (lists.securityfocus.com
[205.206.231.19])by outgoing3.securityfocus.com (Postfix) with

QMQPid

C9D8023D7FD; Fri, 13 Jan 2006 11:04:54 -0700 (MST)
Received: (qmail 1928 invoked from network); 13 Jan 2006 08:37:39

-0000

X-Message-Info: JGTYoYF78jGdnwFcx9O+QyGqy8tZRvhafgQ3ZaoooPs=
Mailing-List: contact security-basics-help () securityfocus com; run

by

ezmlm

Precedence: bulk
List-Id: <security-basics.list-id.securityfocus.com>
List-Post: <mailto:security-basics () securityfocus com>
List-Help: <mailto:security-basics-help () securityfocus com>
List-Unsubscribe: 

<mailto:security-basics-unsubscribe () securityfocus com>

List-Subscribe:

<mailto:security-basics-subscribe () securityfocus com>

Delivered-To: mailing list security-basics () securityfocus com
Delivered-To: moderator for security-basics () securityfocus com
User-Agent: Mozilla Thunderbird 1.0.2 (Windows/20050317)
X-Accept-Language: en-us, en
References: <20060110011058.12554.qmail () securityfocus com>
<20060111144644.A8561 () planetcobalt net>
X-Virus-Scanned: amavisd-new at mobilia.it
Return-Path:



security-basics-return-37743-koremeltdown=hotmail.com () securityfocus com

X-OriginalArrivalTime: 15 Jan 2006 18:12:39.0317 (UTC)
FILETIME=[4517A450:01C619FF]

Ansgar -59cobalt- Wiechers wrote:

On 2006-01-10 koremeltdown () hotmail com wrote:


I have Windows XP (as do many of my clients) and have noticed
something strange. When trying to access my server(s) via FTP,

when

Windows (XP Pro) Firewall is turned on, you cannot perform this

task.

Sometimes it has problems resolving the hostname, sometimes it

just

doesn't connect at all. When disabling Windows Firewall FTP works
fine, however when just enabling FTP Access via the firewall
configuration it doesn't seem to want to work. My XP using

clients

seem to be having the same problem.



Looks like you (and your clients) are using FTP in active mode. In



that

case the FTP server tries to establish the data connection to the 

client

which is then intercepted by the Windows Firewall. Try using

passive

mode.

If you use the commandline FTP client: ftp.exe from Windows does

only

support active mode IIRC, so use something like ncftp [1] instead.

[1] http://www.ncftp.com/

Regards
Ansgar Wiechers

I just dealt with a user who was unable to connect with XP and

FTPX, 

but

if

they used the command line, it worked just fine. PASV mode didn't

seem 

to

make any difference. It's almost like the XP firewall doesn't keep

ftp

states. I use an iptables firewall to connect to the server

(proftpd) 

and

have 0 problems. When I had the user disable the windows firewall,

it

connected immediately. It's a recent problem, I have a feeling that

MS

changed the behaviour of the firewall recently, perhaps

inadvertantly?


I recommended that the user try another firewall, but this seems

like 

an

MS problem...







-----------------------------------------------------------------------

--

--

EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE
The Norwich University program offers unparalleled Infosec

management

education and the case study affords you unmatched consulting 

experience.

Tailor your education to your own professional goals with degree
customizations including Emergency Management, Business Continuity
Planning, Computer Emergency Response Teams, and Digital 

Investigations.


http://www.msia.norwich.edu/secfocus




-----------------------------------------------------------------------

--

---








-----------------------------------------------------------------------

---

-
EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE
The Norwich University program offers unparalleled Infosec

management

education and the case study affords you unmatched consulting 

experience.

Tailor your education to your own professional goals with degree
customizations including Emergency Management, Business Continuity
Planning,
Computer Emergency Response Teams, and Digital Investigations.

http://www.msia.norwich.edu/secfocus


-----------------------------------------------------------------------

---

--








------------------------------------------------------------------------
---
EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE
The Norwich University program offers unparalleled Infosec management 
education and the case study affords you unmatched consulting
experience. 
Tailor your education to your own professional goals with degree 
customizations including Emergency Management, Business Continuity
Planning, 
Computer Emergency Response Teams, and Digital Investigations. 

http://www.msia.norwich.edu/secfocus
------------------------------------------------------------------------
----


---------------------------------------------------------------------------
EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE
The Norwich University program offers unparalleled Infosec management
education and the case study affords you unmatched consulting experience.
Tailor your education to your own professional goals with degree
customizations including Emergency Management, Business Continuity Planning,
Computer Emergency Response Teams, and Digital Investigations.

http://www.msia.norwich.edu/secfocus
---------------------------------------------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: