Firewall Wizards mailing list archives

RE: Active to Passive FTP translator?


From: "Scott, Richard" <Richard.Scott () BestBuy com>
Date: Tue, 26 Nov 2002 09:35:46 -0600

I am just curious at the real threat of allowing non-passive FTP connections
from clients.
Assume one has a system that wants to contact many FTP servers, and the
system itself is not an FTP server.  Given that the firewall should be
restricting specific access to hosts, the only threats I can foresee are the
following:

(1) Spoof the IP address of a trusted FTP server and allow for a correct
timing of events to falsify data
(2) Spoof the IP address, to send FTP commands back to the client in the
hope there is a vulnerability in the client.
(3) Compromise the FTP server and await ftp connection from client and then
perform 2.

Any other risks?

Cheers
r.


Richard Scott
INFORMATION SECURITY
Best Buy World Headquarters
7075 Flying Cloud Drive
Eden Prairie, MN 55344 USA

The views expressed in this email do not represent Best Buy
or any of its subsidiaries


_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
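
An added example, not part of the original post: how a client-side firewall can confine active-mode FTP to the single inbound data connection the client asked for, by parsing the client's `PORT` command (RFC 959) and opening one pinhole. The function names, the documentation-range addresses, and the assumption that the server's data connection comes from source port 20 are illustrative choices made for this example.

```python
import ipaddress

def parse_port(line):
    """Parse 'PORT h1,h2,h3,h4,p1,p2' into (IPv4Address, port); ValueError if malformed."""
    verb, _, arg = line.strip().partition(" ")
    if verb.upper() != "PORT":
        raise ValueError("not a PORT command")
    parts = arg.split(",")
    if len(parts) != 6 or not all(p.isascii() and p.isdigit() for p in parts):
        raise ValueError("malformed PORT argument")
    nums = [int(p) for p in parts]
    if any(n > 255 for n in nums):
        raise ValueError("field out of range")
    ip = ipaddress.IPv4Address(".".join(str(n) for n in nums[:4]))
    return ip, nums[4] * 256 + nums[5]

def pinhole_for(client_ip, server_ip, port_line):
    """Return the one inbound flow to permit as (src, sport, dst, dport), or None."""
    try:
        ip, port = parse_port(port_line)
    except ValueError:
        return None
    if ip != ipaddress.IPv4Address(client_ip):
        return None   # PORT must name the client itself, not a third host
    if port < 1024:
        return None   # never open a privileged port on the client
    # Assumption: the server connects from its data port, 20.
    return (str(ipaddress.IPv4Address(server_ip)), 20, str(ip), port)

def allow_inbound(pinhole, src_ip, src_port, dst_ip, dst_port):
    """Permit an inbound connection only if it matches the pinhole exactly."""
    return pinhole is not None and (src_ip, src_port, dst_ip, dst_port) == pinhole

if __name__ == "__main__":
    CLIENT, SERVER = "192.0.2.10", "198.51.100.5"   # constructed sample addresses
    hole = pinhole_for(CLIENT, SERVER, "PORT 192,0,2,10,195,80")
    print("pinhole:", hole)
    print("expected flow:", allow_inbound(hole, SERVER, 20, CLIENT, 50000))
    print("other source:", allow_inbound(hole, "203.0.113.9", 20, CLIENT, 50000))
    print("PORT naming another host:",
          pinhole_for(CLIENT, SERVER, "PORT 192,0,2,99,195,80"))
```

The match is on addresses and ports only, so it narrows exposure to the one expected flow rather than authenticating the server.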

