Firewall Wizards mailing list archives
New ftp behavior
From: dharris () kcp com
Date: Thu, 23 Oct 1997 11:18:12 -0500
This one is new to me so I don't know what to do about it. I had a customer trying to use Netscape Navigator to download a file through an ftp:// URL on a Web page at a vendor site. They received the error FTP File Transfer Failed: The FTP request could not be completed because the server is responding in an insecure manner. I checked the logs and discovered that, although the original ftp connection was made to xxx.xxx.xxx.yyy, the response was coming from xxx.xxx.xxx.zzz. The firewall very properly considered this an attempt to hijack an open port and closed the ftp transaction. What causes the remote site to behave this way? It looks like the command portion of the ftp transaction is done with xxx.xxx.xxx.yyy while the data portion is done with xxx.xxx.xxx.zzz. Maybe this is done for load-sharing, but it sure doesn't get past MY firewall. Delmer
Current thread:
- New ftp behavior dharris (Oct 23)
- Re: New ftp behavior Jyri Kaljundi (Oct 24)
- <Possible follow-ups>
- Re: New ftp behavior arager (Oct 23)
- Re: New ftp behavior Wyllys Ingersoll (Oct 24)
- Re: New ftp behavior Vern Paxson (Oct 23)
- New ftp behavior Petri Virkkula (Oct 27)
- Re: New ftp behavior David Aylesworth (Oct 27)
- RE: New ftp behavior Safier, Adam (GEIS) (Oct 27)
- Re: New ftp behavior Bernd Eckenfels (Oct 30)