Firewall Wizards mailing list archives
Re: Variations of firewall ruleset bypass via FTP
From: Carson Gaspar <carson () taltos org>
Date: Thu, 10 Oct 2002 23:00:11 -0400
--On Thursday, October 10, 2002 10:40 PM -0400 "Paul D. Robertson" <proberts () patriot net> wrote:
One of the things that makes FTP such a bad case is that protecting the server means going to active FTP and protecting the clients means going to PASV mode. So there's not a natural protection point that allows both to be satisfied.
An application proxy that does PASV->PORT translation achieves exactly this. Trivial to do (and was done in FWTK ftp-gw years ago).
-- Carson _______________________________________________ firewall-wizards mailing list firewall-wizards () honor icsalabs com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- Variations of firewall ruleset bypass via FTP Mikael Olsson (Oct 10)
- Re: Variations of firewall ruleset bypass via FTP Darren Reed (Oct 10)
- Re: Variations of firewall ruleset bypass via FTP Paul D. Robertson (Oct 10)
- Re: Variations of firewall ruleset bypass via FTP Carson Gaspar (Oct 11)
- Re: Variations of firewall ruleset bypass via FTP Mikael Olsson (Oct 11)
- Re: Variations of firewall ruleset bypass via FTP Darren Reed (Oct 11)
- Re: Variations of firewall ruleset bypass via FTP Mikael Olsson (Oct 11)
- Re: Variations of firewall ruleset bypass via FTP Darren Reed (Oct 11)
- Re: Variations of firewall ruleset bypass via FTP Darren Reed (Oct 11)
- Re: Variations of firewall ruleset bypass via FTP Paul Robertson (Oct 11)
- Re: Variations of firewall ruleset bypass via FTP Darren Reed (Oct 12)
- Re: Variations of firewall ruleset bypass via FTP Paul D. Robertson (Oct 12)
- Re: Variations of firewall ruleset bypass via FTP Darren Reed (Oct 12)
- Re: Variations of firewall ruleset bypass via FTP Paul D. Robertson (Oct 12)