Vulnerability Development mailing list archives
Re: ws_ftp pro 6.51 exposes internal IP addresses
From: Nick <mr_majik_is () INAME COM>
Date: Wed, 2 Aug 2000 09:54:23 -0500
maybe I was reading things wrong but... Are you sure that's a ws_ftp issue and not a filtering issue? the ip_masq_ftp equiv under openbsd needs to be dynamically interchanging internal ip addresses to the firewall ip and waiting for the connection to forward back to the internal ip address. Theoretically under a correct setup a transparent proxy should be just that.. transparent... regardless of client or direction of connection assuming the filtering module in the bsd kernel is functioning correctly. Maybe ws_ftp formats it's PASV request different compared to other clients which is throwing off the firewall's filter? On Tue, 1 Aug 2000, Crawling KingSnake wrote:
apologies. after rereading my last post I feel that it came off as a flame. I did not intend it to be inciteful. I just was trying to make 3 points (poorly). 1. There is a difference between the "bounce attack" passive setting on the server and the PASV setting on the client. 2. That this is a ws_ftp client issue since it is the only client that exhibits this odd behavior. 3. Responses without information of any value contained in them aren't productive to this group. The post I responded to could have been a bit more informative if specifics were addressed such as the server settings referenced or the fact that the respondant had actually tried the scenario and found it to replicate or not. Sorry, Crawling King Snake ______________________________________________ FREE Personalized Email at Mail.com Sign up at http://www.mail.com/?sr=signup
Current thread:
- ws_ftp pro 6.51 exposes internal IP addresses Crawling KingSnake (Aug 01)
- Re: ws_ftp pro 6.51 exposes internal IP addresses Adam Prato (Aug 02)
- <Possible follow-ups>
- Re: ws_ftp pro 6.51 exposes internal IP addresses Vachon, Scott (Aug 02)
- Re: ws_ftp pro 6.51 exposes internal IP addresses Crawling KingSnake (Aug 02)
- Re: ws_ftp pro 6.51 exposes internal IP addresses Iván Arce (Aug 02)
- Re: ws_ftp pro 6.51 exposes internal IP addresses Adam Prato (Aug 02)
- Re: ws_ftp pro 6.51 exposes internal IP addresses Crawling KingSnake (Aug 02)
- Re: ws_ftp pro 6.51 exposes internal IP addresses Nick (Aug 02)
- Re: ws_ftp pro 6.51 exposes internal IP addresses Crawling KingSnake (Aug 02)
- Re: ws_ftp pro 6.51 exposes internal IP addresses Alun Jones (Aug 08)