Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

bugtraq logo Bugtraq mailing list archives

Re: ftpd: the advisory version
From: mikael.olsson () ENTERNET SE (Mikael Olsson)
Date: Sat, 8 Jul 2000 01:12:53 +0200

"D. J. Bernstein" wrote:


[snip]
Internet Explorer uses PASV. What makes you think that requiring PASV
will noticeably increase
the level of user annoyance at your firewall?


Because Internet Explorer 5 does NOT use PASV by default any more;
it defaults to PORT.
That is:
* If you set IE5 to display FTP as a "file explorer", it uses PORT.
  This is the default mode.
* If you set IE5 to "display FTP as a web page", is uses PASV.

Probably some geek coder thought "ah you can be active with file
explorer so we'll use active mode, while web pages are pretty passive
things, so we'll use passive mode".

Duh.

--
Mikael Olsson, EnterNet Sweden AB, Box 393, S-891 28 ÖRNSKÖLDSVIK
Phone: +46 (0)660 29 92 00         Direct: +46 (0)660 29 92 05
Mobile: +46 (0)70 66 77 636        Fax: +46 (0)660 122 50
WWW: http://www.enternet.se/       E-mail: mikael.olsson () enternet se

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]