Firewall Wizards mailing list archives

Re: Identifying End of Tx in FTP


From: "M. Dodge Mumford" <dmumford () nfr net>
Date: Fri, 29 May 1998 14:46:05 -0400 (EDT)

If the ftp traffic is relatively light, you could do a netstat -na, and if
port 21 is closed, the FTP session is over. Depending on the web server,
passive mode, etc, you might also want to check port 20 to see if the file
is done.

Writing a quick Perl (or even shell) script to do something like that
shouldn't be too hard...

Step by step intrusion detection using NFR. 

On Mon, 25 May 1998, Laris Benkis wrote:

We have a system in place where clients drop off files via FTP to a
wu-ftp server which are then processed automatically by scripts. Files
have to be processed relatively quickly for the application to work
properly; therefore the convention we have developed is to indicate end
of transmission by doing a rename of the file once the initial put is done. 
We are trying to tighten the security of the whole process and want to
use FW1 ftp resources to limit where puts can be done.  Unfortunately it
turns out that when the ftp resources are used it is no longer possible to
do rename.  

The question I have then, is anybody doing something similar to this? 
What is a reliable, transparent way to tell that an ftp transmission has
been completed?

We have a fallback solution where the client would send a file then send
a second delimiter file to indicate that the transmission of the first file is
complete.  This is not desirable as client procedures would have to be
changed.

Any ideas would be appreciated.

Laris



-----
Dodge   dodge () nfr net        PGP key available upon request
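
The netstat check suggested in the reply, sketched as a shell script (an added example, not part of the original messages): it counts TCP connections on local port 21 (control) or 20 (active-mode data) that are neither LISTEN nor TIME_WAIT, optionally for one client address. The function names, the sample addresses and the sample netstat output are constructed for illustration; passive-mode data connections use a server-chosen port and are not seen by the port 20 test.

```shell
#!/bin/sh
# Added example: count open FTP connections in `netstat -na` output.

# Reads netstat output on stdin; optional $1 restricts the count to one
# client address. Handles both "addr:port" (Linux) and "addr.port" (BSD).
ftp_open_count() {
    awk -v client="${1:-}" '
        $1 ~ /^tcp/ && NF >= 6 {
            n = split($4, l, /[:.]/)            # last piece is the local port
            if (l[n] != 21 && l[n] != 20) next  # not FTP control or data
            if ($6 == "LISTEN" || $6 == "TIME_WAIT") next
            raddr = $5
            sub(/[:.][0-9*]+$/, "", raddr)      # strip the remote port
            if (client != "" && raddr != client) next
            count++
        }
        END { print count + 0 }'
}

# Poll the live table until no FTP connection remains (for client $1, if
# given); $2 is the poll interval in seconds, default 2.
wait_for_ftp_idle() {
    while [ "$(netstat -na | ftp_open_count "$1")" -gt 0 ]; do
        sleep "${2:-2}"
    done
}

# Constructed sample of `netstat -na` output (documentation addresses).
sample_netstat() {
    cat <<'EOF'
Proto Recv-Q Send-Q Local Address    Foreign Address       State
tcp        0      0 0.0.0.0:21       0.0.0.0:*             LISTEN
tcp        0      0 192.0.2.10:21    198.51.100.7:40312    ESTABLISHED
tcp        0      0 192.0.2.10:20    198.51.100.7:40313    ESTABLISHED
tcp        0      0 192.0.2.10:21    198.51.100.70:40400   ESTABLISHED
tcp        0      0 192.0.2.10:21    203.0.113.9:51000     TIME_WAIT
tcp        0      0 192.0.2.10:22    198.51.100.7:50122    ESTABLISHED
EOF
}

# Demo on the constructed sample: control + data connection for one client.
sample_netstat | ftp_open_count 198.51.100.7
```

A count of zero shows only that the connections have closed, not that the upload finished intact; an aborted transfer closes them as well.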



