Home page logo

basics logo Security Basics mailing list archives

RE: Passive FTP
From: "Alexandre Skyrme" <alexandre.skyrme () ciphersec com br>
Date: Tue, 31 May 2005 12:10:36 -0300

Greetings Roberto,

It isn't really clear on your message if you are running a server and want
to allow passive connections to it or if you want to allow passive
connections from your users to external FTP servers.

There is a good explanation for both types of FTP connections, including
diagrams and typical connections mappings, at

In case you're using Linux 2.4.X or newer with iptables there are some
modules specifically intended to track FTP connections so you don't need to
open up a wide range of ports for all connections, instead allowing only
those related to FTP connections. Most statefull firewalls should be able to
do so.

Alexandre Skyrme
Cipher - Segurança da Informação

Esta mensagem eletrônica pode conter informações privilegiadas e/ou
confidenciais, portanto fica o seu receptor notificado de que qualquer
disseminação, distribuição ou cópia não autorizada é estritamente proibida.
Se você recebeu esta mensagem indevidamente ou por engano, por favor,
informe este fato ao remetente e a apague de seu computador imediatamente.
This e-mail message may contain legally privileged and/or confidential
information, therefore, the recipient is hereby notified that any
unauthorized dissemination, distribution or copying is strictly prohibited.
If you have received this e-mail message inappropriately or accidentally,
please notify the sender and delete it from your computer immediately.

-----Original Message-----
From: Roberto Alcantara [mailto:roberto () fortalnet com br] 
Sent: terça-feira, 31 de maio de 2005 10:09
To: security-basics () securityfocus com
Subject: Passive FTP

Guys, to able my FTP users in passive mode need I realy accept in my 
firewall connections from 1024-65535 ports ?

Best regards,

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]