Security Basics mailing list archives

Re: Windows XP and FTP

From: "Hamish Stanaway" <koremeltdown () hotmail com>
Date: Mon, 16 Jan 2006 08:52:41 +0000

Hi there,

I have passive FTP enabled both on CuteFTP Client and also through internetexplorer - still have problems, unless I disable windows XP Firewall.




Kindest of regards,

Hamish Stanaway, CEO

Absolute Web Hosting / -= KoRe WoRkS =- Internet Security
Auckland, New Zealand

http://www.webhosting.net.nz
http://www.buywebhosting.co.nz
http://www.koreworks.com

From: Mark Owen <mr.markowen () gmail com>
To: "koremeltdown () hotmail com" <koremeltdown () hotmail com>
CC: security-basics () securityfocus com
Subject: Re: Windows XP and FTP
Date: Tue, 10 Jan 2006 17:48:22 -0500
MIME-Version: 1.0
Received: from outgoing.securityfocus.com ([205.206.231.27]) bybay0-mc9-f19.bay0.hotmail.com with Microsoft SMTPSVC(6.0.3790.211); Wed, 11Jan 2006 19:13:21 -0800Received: from outgoing.securityfocus.com by outgoing.securityfocus.comvia smtpd (for mail.hotmail.com [65.54.245.8]) with ESMTP; Wed, 11Jan 2006 19:13:20 -0800Received: from lists.securityfocus.com (lists.securityfocus.com[205.206.231.19])by outgoing3.securityfocus.com (Postfix) with QMQPid01C7C239536; Wed, 11 Jan 2006 10:04:27 -0700 (MST)
Received: (qmail 3067 invoked from network); 10 Jan 2006 23:03:24 -0000
X-Message-Info: JGTYoYF78jFZCux7iJXNuzHYWeWKnv5lVm3HqSwsCog=
Mailing-List: contact security-basics-help () securityfocus com; run by ezmlm
Precedence: bulk
List-Id: <security-basics.list-id.securityfocus.com>
List-Post: <mailto:security-basics () securityfocus com>
List-Help: <mailto:security-basics-help () securityfocus com>
List-Unsubscribe: <mailto:security-basics-unsubscribe () securityfocus com>
List-Subscribe: <mailto:security-basics-subscribe () securityfocus com>
Delivered-To: mailing list security-basics () securityfocus com
Delivered-To: moderator for security-basics () securityfocus com
DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=beta;d=gmail.com;h=received:message-id:date:from:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references;b=JFVdRqUPE0QOU2dG5ivYwrCQAXlzz5QOJweTyl4hJJwCdm4Ej9d2KFGWJwSAWRg4uSWI/kK8POAnjYiFo7TT7DkZ/XdqQVJ8TfKeENDx1ZNKFKbO3NsDWb83P6ZX+LKnCnb2PZG4Q8ah/vmZPhBE5UTUcQVlV0fRTjmIdAu8cNI=
References: <20060110011058.12554.qmail () securityfocus com>
Return-Path:security-basics-return-37716-koremeltdown=hotmail.com () securityfocus comX-OriginalArrivalTime: 12 Jan 2006 03:13:22.0188 (UTC)FILETIME=[24E5E4C0:01C61726]
On 10 Jan 2006 01:10:58 -0000, koremeltdown () hotmail com

**snip**
> I could ask all of my XP using clients to just disable their XP Firewallwhen uploading their websites via FTP, but I don't think the more savvycustomers would appreciate doing that (they are smart enough to realisewhat it means to disable a firewall on todays internet).> My question to the list is, does anyone know how to correctly configureXP Firewall to get around this issue, or is disabling the firewall the onlyway? I would like to include this in my FAQ, so the easier workthrough thebetter.
Does not resolve?  Well, I don't have a XP machine in front of me but
you can goto the advanced section for the firewall settings and add
your FTP client to an exception list.  Or, in the same spot you can
tell it to allow FTP to go through.  I haven't had this kind of
problem before but this may fix it.

Generally,  when one of our users have a FTP/Firewall issue, and they
are using explorer as their FTP client, I have them enable Passive FTP
by going to "Internet Options" - "Advanced" - and check "Use Passive
FTP.." or likewise in what ever FTP client they may be using.

--
Mark Owen

---------------------------------------------------------------------------
EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE
The Norwich University program offers unparalleled Infosec management
education and the case study affords you unmatched consulting experience.
Tailor your education to your own professional goals with degree
customizations including Emergency Management, Business ContinuityPlanning,
Computer Emergency Response Teams, and Digital Investigations.

http://www.msia.norwich.edu/secfocus
----------------------------------------------------------------------------




---------------------------------------------------------------------------
EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE

The Norwich University program offers unparalleled Infosec managementeducation and the case study affords you unmatched consulting experience.Tailor your education to your own professional goals with degreecustomizations including Emergency Management, Business Continuity Planning,Computer Emergency Response Teams, and Digital Investigations.

http://www.msia.norwich.edu/secfocus
----------------------------------------------------------------------------

Current thread:

Windows XP and FTP koremeltdown (Jan 10)
- Re: Windows XP and FTP Mark Owen (Jan 11)
  - Re: Windows XP and FTP Hamish Stanaway (Jan 16)
- Re: Windows XP and FTP Fabien Degouet (Jan 12)
- Re: Windows XP and FTP Ansgar -59cobalt- Wiechers (Jan 12)
  - Re: Windows XP and FTP Hamish Stanaway (Jan 15)
    - Re: Windows XP and FTP Patrick Benson (Jan 17)
  - Re: Windows XP and FTP nick (Jan 15)
    - Re: Windows XP and FTP Hamish Stanaway (Jan 16)
- Re: Windows XP and FTP Shadow Mlists (Jan 14)
  - Re: Windows XP and FTP Hamish Stanaway (Jan 16)
- <Possible follow-ups>
- Re: Windows XP and FTP unimportant (Jan 11)
- RE: Windows XP and FTP Roger A. Grimes (Jan 11)

(Thread continues...)