Home page logo

basics logo Security Basics mailing list archives

RE: Open All Outbound Ports?
From: "Mark Merchant" <mmerchant () dispatch com>
Date: Wed, 20 Nov 2002 13:33:25 -0500

Their reason was a lot of the sites that were visited used Passive
FTP, that randomly uses any port above port 1024.

Why not just restrict the ip ranges to a few hundred (thousand) ports?
This is explained in the active vs passive ftp site,
http://slacksite.com/other/ftp.html under the topic ftp appendix.

i'll have to go back and read the original post, but i think you have it
backwards. clients at their location are are making PASV connects
to servers located elsewhere. thus you get outbound connections
on high number ports.

talking ftp is always a little weird as there are always :
        2 computers X 2 ports X 2 firewalls
to deal with, whew!

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]