Bugtraq mailing list archives
Re: ftpd: the advisory version
From: djb () CR YP TO (D. J. Bernstein)
Date: Thu, 6 Jul 2000 18:20:14 -0000
monti writes:
*allowing* other than src-20 active data connections through a firewall,
Why are you allowing PORT-style FTP through your firewall? See RFC 1579. Can I scan port 6000 on your hosts if I set my source port to 20? Netscape uses PASV. The OpenBSD ftp client uses PASV. The Linux ftp client uses PASV if you give it the -p option. Internet Explorer uses PASV. What makes you think that requiring PASV will noticeably increase the level of user annoyance at your firewall? ---Dan
Current thread:
- Re: ftpd: the advisory version Valdis Kletnieks (Jun 30)
- Re: ftpd: the advisory version Tom Perrine (Jul 02)
- Conclusion to recent working WuFTPD Exploits Eric Hines (Jul 05)
- <Possible follow-ups>
- Re: ftpd: the advisory version Carson Gaspar (Jun 30)
- Re: ftpd: the advisory version Mike Gleason (Jul 02)
- [RHSA-2000:016-03] Multiple local imwheel vulnerabilities bugzilla () REDHAT COM (Jul 03)
- Re: ftpd: the advisory version monti (Jul 05)
- Re: ftpd: the advisory version D. J. Bernstein (Jul 06)
- Re: ftpd: the advisory version monti (Jul 07)
- Re: ftpd: the advisory version Mikael Olsson (Jul 07)
- Re: ftpd: the advisory version David Maxwell (Jul 07)
- Re: ftpd: the advisory version D. J. Bernstein (Jul 10)
- Re: ftpd: the advisory version Richard Rager (Jul 11)
- Infosec.20000712.worldclient.2.1 Rikard Carlsson (Jul 12)
- ANNOUNCE Apache::ASP v1.95 - Security Hole Fixed J C (Jul 10)
- Novell Border Manger - Anyone can pose as an authenticated user Coward, Anonymous (Jul 07)