Vulnerability Development: PORT or PASV mode of IIS 4.0's FTP

Nmap Security Scanner

Intro

Ref Guide

Install Guide

Download

Changelog

Book

Docs
Security Lists

Bugtraq

Basics

More
Security Tools

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Vulnerability Development mailing list archives

PORT or PASV mode of IIS 4.0's FTP

From: "C. K. Lung" <clung () HOTMAIL COM>
Date: Wed, 2 Aug 2000 18:30:01 -0400

What is the "mode" of a FTP server running on MS IIS 4.0 w/sp6a?  Is it "normal/standard", "passive" or both?  Can it 
be configured by the administrator?

How about the ftp client comes Solaris?  Is "normal", passive or both?

The ftp client is trying to "get" 15,000 1-K files from the IIS's FTP server, the connection is killed by FW-1 after it 
got 100 files.  The fw-log shows that when the client's "source port" hit a "pre-defined service (port) in the 
rulebase, the connection is dropped.  CP explained that FW-1 thought that it was a security violation.

Talked to many people at work, no-one could offer any explanation.

Any pointers are appreciated.

Thanks,

CLUNG

By Date By Thread

Current thread:

PORT or PASV mode of IIS 4.0's FTP C. K. Lung (Aug 02)
- Re: PORT or PASV mode of IIS 4.0's FTP Adam Prato (Aug 02)
  - Re: PORT or PASV mode of IIS 4.0's FTP Adam Prato (Aug 03)
- Re: PORT or PASV mode of IIS 4.0's FTP Dug Song (Aug 03)
- Re: PORT or PASV mode of IIS 4.0's FTP Todd Garrison (Aug 03)
- Re: PORT or PASV mode of IIS 4.0's FTP Makoto Shiotsuki (Aug 08)