Security Basics mailing list archives
Re: Passive FTP
From: Ashish Popli <apopli () gmail com>
Date: Wed, 01 Jun 2005 00:29:58 -0400
Depending on number of concurrent ftp sessions you want to allow, you can specify a subset of ports instead of entire set of unprivileged ports. For example on ProFTPd, the config file takes a PassivePort directive.
This way you wont open the world and can apply other filters that can discard non ftp traffic on the specified subset of ports. (assuming you dont have other applications that will use that port range)
Cheers, Ashish Popli Roberto Alcantara wrote:
Guys, to able my FTP users in passive mode need I realy accept in my firewall connections from 1024-65535 ports ?Best regards, Roberto
Current thread:
- RE: Passive FTP Jensen, Peter (Jun 01)
- <Possible follow-ups>
- Re: Passive FTP Abdurrahman Beyazaslan (Jun 01)
- RE: Passive FTP Alexandre Skyrme (Jun 01)
- Re: Passive FTP Frankie Li (Jun 01)
- RE: Passive FTP David Gillett (Jun 01)
- Re: Passive FTP Joerg Zimmermann (Jun 01)
- Re: Passive FTP Glenn English (Jun 01)
- RE: Passive FTP Tim.BUTTON (Jun 01)
- RE: Passive FTP Roberto Alcantara (Jun 01)
- Re: Passive FTP Michael Gale (Jun 01)
- Re: Passive FTP Ashish Popli (Jun 01)
- Re: Passive FTP Alexander Klimov (Jun 01)
- Re: Passive FTP eli (Jun 06)