Home page logo
/

basics logo Security Basics mailing list archives

Re: Windows XP and FTP
From: "Hamish Stanaway" <koremeltdown () hotmail com>
Date: Fri, 13 Jan 2006 04:29:45 +0000

Hey there Ansgar,

My settings were on Global Port mode, however switching to Pasv (Passive) mode made no difference.
I am using CuteFTP as my FTP Client.



Kindest of regards,

Hamish Stanaway, CEO

Absolute Web Hosting / -= KoRe WoRkS =- Internet Security
Auckland, New Zealand

http://www.webhosting.net.nz
http://www.buywebhosting.co.nz
http://www.koreworks.com





From: Ansgar -59cobalt- Wiechers <bugtraq () planetcobalt net>
To: security-basics () securityfocus com
Subject: Re: Windows XP and FTP
Date: Wed, 11 Jan 2006 14:46:44 +0100
MIME-Version: 1.0
Received: from outgoing.securityfocus.com ([205.206.231.26]) by bay0-mc2-f14.bay0.hotmail.com with Microsoft SMTPSVC(6.0.3790.211); Thu, 12 Jan 2006 18:40:51 -0800 Received: from outgoing.securityfocus.com by outgoing.securityfocus.com via smtpd (for mail.hotmail.com [65.54.244.40]) with ESMTP; Thu, 12 Jan 2006 18:17:48 -0800 Received: from lists.securityfocus.com (lists.securityfocus.com [205.206.231.19])by outgoing2.securityfocus.com (Postfix) with QMQPid 1F5B216129D; Wed, 11 Jan 2006 10:48:18 -0700 (MST)
Received: (qmail 13451 invoked from network); 11 Jan 2006 14:01:40 -0000
X-Message-Info: JGTYoYF78jHl5McLVGHmFGkdDYE/kFai12TW4MD/Muw=
Mailing-List: contact security-basics-help () securityfocus com; run by ezmlm
Precedence: bulk
List-Id: <security-basics.list-id.securityfocus.com>
List-Post: <mailto:security-basics () securityfocus com>
List-Help: <mailto:security-basics-help () securityfocus com>
List-Unsubscribe: <mailto:security-basics-unsubscribe () securityfocus com>
List-Subscribe: <mailto:security-basics-subscribe () securityfocus com>
Delivered-To: mailing list security-basics () securityfocus com
Delivered-To: moderator for security-basics () securityfocus com
X-Authentication-Warning: kpnet.de: planetcobalt set sender to bugtraq () planetcobalt net using -f
Mail-Followup-To: security-basics () securityfocus com
References: <20060110011058.12554.qmail () securityfocus com>
User-Agent: Mutt/1.2.5i
Return-Path: security-basics-return-37723-koremeltdown=hotmail.com () securityfocus com X-OriginalArrivalTime: 13 Jan 2006 02:40:51.0793 (UTC) FILETIME=[C4C8FC10:01C617EA]

On 2006-01-10 koremeltdown () hotmail com wrote:
> I have Windows XP (as do many of my clients) and have noticed
> something strange. When trying to access my server(s) via FTP, when
> Windows (XP Pro) Firewall is turned on, you cannot perform this task.
> Sometimes it has problems resolving the hostname, sometimes it just
> doesn't connect at all. When disabling Windows Firewall FTP works
> fine, however when just enabling FTP Access via the firewall
> configuration it doesn't seem to want to work. My XP using clients
> seem to be having the same problem.

Looks like you (and your clients) are using FTP in active mode. In that
case the FTP server tries to establish the data connection to the client
which is then intercepted by the Windows Firewall. Try using passive
mode.

If you use the commandline FTP client: ftp.exe from Windows does only
support active mode IIRC, so use something like ncftp [1] instead.

[1] http://www.ncftp.com/

Regards
Ansgar Wiechers
--
"All vulnerabilities deserve a public fear period prior to patches
becoming available."
--Jason Coombs on Bugtraq

---------------------------------------------------------------------------
EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE
The Norwich University program offers unparalleled Infosec management
education and the case study affords you unmatched consulting experience.
Tailor your education to your own professional goals with degree
customizations including Emergency Management, Business Continuity Planning,
Computer Emergency Response Teams, and Digital Investigations.

http://www.msia.norwich.edu/secfocus
----------------------------------------------------------------------------




---------------------------------------------------------------------------
EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE
The Norwich University program offers unparalleled Infosec management education and the case study affords you unmatched consulting experience. Tailor your education to your own professional goals with degree customizations including Emergency Management, Business Continuity Planning, Computer Emergency Response Teams, and Digital Investigations.
http://www.msia.norwich.edu/secfocus
----------------------------------------------------------------------------


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]