Firewall Wizards mailing list archives
Re: fwtk and ftp from behind of fw-1
From: "Marcus J. Ranum" <mjr () clark net>
Date: Fri, 17 Jul 1998 21:50:03 -0400 (EDT)
Rick Murphy wrote:
The FTP RFC specifies a default data port - port 20 - in the privileged range. The ftp-gw uses a random high-numbered port.
I did this because there are still sites (and apparently products!) that are foolish enough to base their security policy on the priv'd port-ness of ftpd. The scary thing is that having ftpd send its data from a privileged port makes FTP bounce attacks totally lethal. Fortunately "we" got the BSD folks to fix that stuff in the remote user check routines (ruserok()) for rlogind but it's hard to know what other applications assume that a privileged port is "secure" :(

I.e.: I broke it, and I won't apologize. :)

mjr.
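Added example, not part of the original message and not fwtk code: the message covers the source port of the data connection, and this sketch goes one step further to the complementary server-side check on the FTP `PORT` command, refusing targets that are not the control-connection peer or that sit in the privileged range. The function names, the sample lines and the below-1024 cutoff (in line with the guidance in RFC 2577) are assumptions of this example.

```python
import ipaddress
import re

# PORT h1,h2,h3,h4,p1,p2 (RFC 959): four address bytes, then two port bytes.
_PORT_RE = re.compile(r"^PORT\s+(\d{1,3}(?:,\d{1,3}){5})\s*$", re.IGNORECASE)


def parse_port_command(line):
    """Return (ip, port) from an FTP PORT command line, or None if malformed."""
    m = _PORT_RE.match(line.strip())
    if not m:
        return None
    fields = [int(x) for x in m.group(1).split(",")]
    if any(f > 255 for f in fields):
        return None
    ip = ipaddress.IPv4Address(".".join(str(f) for f in fields[:4]))
    return ip, fields[4] * 256 + fields[5]


def check_port_command(line, control_peer):
    """Decide whether a server or proxy should honour a PORT command.

    control_peer is the client's IP address on the control connection.
    Returns (allowed, reason).
    """
    parsed = parse_port_command(line)
    if parsed is None:
        return False, "malformed PORT argument"
    ip, port = parsed
    if ip != ipaddress.IPv4Address(control_peer):
        return False, f"third-party address {ip} (control peer is {control_peer})"
    if port < 1024:
        return False, f"privileged target port {port}"
    return True, "ok"


# Constructed sample control-channel lines (documentation addresses, RFC 5737).
SAMPLES = [
    ("PORT 192,0,2,10,195,80", "192.0.2.10"),  # peer's own address, port 50000
    ("PORT 198,51,100,7,2,2", "192.0.2.10"),   # different host, port 514
    ("PORT 192,0,2,10,0,25", "192.0.2.10"),    # peer's own address, port 25
    ("PORT 192,0,2,10,300,1", "192.0.2.10"),   # address byte out of range
]

if __name__ == "__main__":
    for line, peer in SAMPLES:
        print(f"{line!r:32} -> {check_port_command(line, peer)}")
```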