Home page logo
/

basics logo Security Basics mailing list archives

RE: Passive FTP
From: "Alexandre Skyrme" <alexandre.skyrme () ciphersec com br>
Date: Tue, 31 May 2005 12:10:36 -0300

Greetings Roberto,

It isn't really clear on your message if you are running a server and want
to allow passive connections to it or if you want to allow passive
connections from your users to external FTP servers.

There is a good explanation for both types of FTP connections, including
diagrams and typical connections mappings, at
http://slacksite.com/other/ftp.html.

In case you're using Linux 2.4.X or newer with iptables there are some
modules specifically intended to track FTP connections so you don't need to
open up a wide range of ports for all connections, instead allowing only
those related to FTP connections. Most statefull firewalls should be able to
do so.

Regards,
--
Alexandre Skyrme
Cipher - Segurança da Informação
+55-21-2542-6677
www.ciphersec.com.br

Esta mensagem eletrônica pode conter informações privilegiadas e/ou
confidenciais, portanto fica o seu receptor notificado de que qualquer
disseminação, distribuição ou cópia não autorizada é estritamente proibida.
Se você recebeu esta mensagem indevidamente ou por engano, por favor,
informe este fato ao remetente e a apague de seu computador imediatamente.
 
This e-mail message may contain legally privileged and/or confidential
information, therefore, the recipient is hereby notified that any
unauthorized dissemination, distribution or copying is strictly prohibited.
If you have received this e-mail message inappropriately or accidentally,
please notify the sender and delete it from your computer immediately.


-----Original Message-----
From: Roberto Alcantara [mailto:roberto () fortalnet com br] 
Sent: terça-feira, 31 de maio de 2005 10:09
To: security-basics () securityfocus com
Subject: Passive FTP


Guys, to able my FTP users in passive mode need I realy accept in my 
firewall connections from 1024-65535 ports ?

Best regards,
Roberto



  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault