Firewall Wizards mailing list archives

Re: FTP-Data connections?


From: Robert Graham <robert_david_graham () yahoo com>
Date: Thu, 11 Nov 1999 13:53:40 -0800 (PST)

I've found a number of programming bugs in FTP clients that might account for
this.

For example, sometimes the client does not use the same IP address as from the
control connection. So if you had a "private" IP address as well as an Internet
routable IP address, then you might see such behavior. The control connection
goes out on the Internet routable IP address, but attempts to use the private
IP address (e.g. 10.0.0.1) to receive the incoming file.

The problem is (probably) easily solved by putting a sniffer on the wire and
decoding the packets. I always enjoy seeing sniffer traces, and would
appreciate a copy.

Rob.



--- fernando_montenegro () hp com wrote:
Hi everyone!

I've just come across a curious problem, and I wonder if you guys can help me...

When connecting to a remote FTP server (I've tried ftp.microsoft.com,
ftp.redhat.com and ftp.cdrom.com, among others) from a command-line FTP client
(running on Linux), the standard FTP control connection works fine, but the
data connection (on 20/tcp) never gets established.

The weird thing is that the control connection reports "No route to host" after
it fails to connect back to my client on a high port. No traffic ever reaches
the local LAN or the connecting router.

Passive mode doesn't work either.

This is happening off one particular ISP, who assures me they have no filtering
whatsoever installed. When testing off a different ISP, things work out fine
(data connection gets established and transfers work without a glitch).

Can anyone shed any light on what might be causing this? If there was no route
back, the control connection wouldn't be established, would it?

I am wondering if the ISP didn't add a stateful packet filter somewhere up the
route and forgot to mention it to us. Any other ideas?

ObFirewalls: When this finally works, the ISP link on our end will be protected
with a Firewall. Before making my job harder by adding the firewall into the
equation, I'm testing the simple stuff first...

Thanks!

Cheers,
Fernando
--
Fernando da Silveira Montenegro     Hewlett-Packard Brasil
HP Consulting - Internet Security   Al. Rio Negro, 750 - Alphaville
mailto:fernando_montenegro () hp com   Barueri, SP - Brazil 06454-000
voice: +55-11-7297-4351             #include <disclaimer.h>




=====
Robert Graham
"Anxiously awaiting the millennium so I can start programming
dates with 2-digits again."
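
The address mismatch described in the reply above can be checked from a capture of the FTP control connection. The following is an added example, not part of the original messages: it parses PORT commands and 227 passive-mode replies and compares the advertised data address with the sender's control-connection address. The sample lines and the 203.0.113.7 and 198.51.100.20 addresses are constructed.

```python
import ipaddress
import re

# RFC 1918 ranges; a peer on the Internet cannot connect to these.
RFC1918 = [ipaddress.ip_network(n) for n in
           ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]
# h1,h2,h3,h4,p1,p2 as carried by PORT and by the 227 reply (RFC 959).
HOSTPORT = re.compile(r"(?<!\d)" + ",".join([r"(\d{1,3})"] * 6) + r"(?!\d)")

def parse_hostport(line):
    """Return (IPv4Address, port) from a PORT command or 227 reply, else None."""
    parts = line.strip().split(None, 1)
    if len(parts) < 2 or parts[0].upper() not in ("PORT", "227"):
        return None
    m = HOSTPORT.search(parts[1])
    if not m:
        return None
    nums = [int(x) for x in m.groups()]
    if any(n > 255 for n in nums):
        return None  # malformed octet
    ip = ipaddress.IPv4Address(".".join(map(str, nums[:4])))
    return ip, nums[4] * 256 + nums[5]

def check_data_endpoint(sender_ip, line):
    """Compare the advertised data address with the sender's control address."""
    parsed = parse_hostport(line)
    if parsed is None:
        return None
    ip, port = parsed
    findings = []
    if ip != ipaddress.IPv4Address(sender_ip):
        findings.append("differs from control-connection address")
    if any(ip in net for net in RFC1918):
        findings.append("RFC 1918 private address")
    return {"ip": str(ip), "port": port, "findings": findings}

# Constructed control-channel lines: (source address seen on the wire, line).
SAMPLE = [
    ("203.0.113.7", "USER anonymous"),
    ("203.0.113.7", "PORT 10,0,0,1,4,1"),
    ("203.0.113.7", "PORT 203,0,113,7,4,2"),
    ("198.51.100.20", "227 Entering Passive Mode (192,168,1,5,19,137)"),
]

def scan(lines):
    """Return one result per line that advertises a data endpoint."""
    results = (check_data_endpoint(src, line) for src, line in lines)
    return [r for r in results if r is not None]
```
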


