Re: Help please with FTP and Firewall

From: Elliott Roper <nospam@xxxxxxxxx>
Date: Thu, 02 Feb 2006 16:27:39 +0000

In article <43e22f9b$0$23280$db0fefd9@xxxxxxxxxxxxxx>, Paul Russell
<prussell@xxxxxxxxx> wrote:

Elliott Roper wrote:

In article <44enu3F1lbt7U1@xxxxxxxxxxxxxx>, Ian McCall <ian@xxxxxxxxxx>
wrote:

On 2006-02-02 15:45:39 +0000, Elliott Roper <nospam@xxxxxxxxx> said:

I think I have ftp enabled and passive wherever it matters.

Sure PASV is set where required? Those logs are showing ephemeral data
port connections, which are unpredictable and no firewall rule will
cope with. PASV makes the port predictable, allowing for a firewall
rule to work.

Thanks,
That makes sense. I have PASV ticked in sys prefs » network » proxies
on both machines. And Fetch prefs for Passive mode too.
Do I need anything else?

Probably not much help, but I've never been able to get the FTP server
on Mac OS X to work if the firewall is turned on.

My solution: use rsync instead. It's so much better than clunky old FTP.

Thanks Paul. I'm in good company then ;-)

I dare not turn off the firewall on the mini. Its external address is
under constant attack. I can live with Appletalk, and shelve my
ig-nobel experiment. It does seem as though network prefs is not
enabling PASV properly with all those high port numbers appearing in
the ipfw log.

Is rsync the one that only transfers files if their dates and hashes
disagree? I could use that when I come to refresh the real site.

--
To de-mung my e-mail address:- fsnospam$elliott$$
PGP Fingerprint: 1A96 3CF7 637F 896B C810 E199 7E5C A9E4 8E59 E248
.

Follow-Ups:
- Re: Help please with FTP and Firewall
  - From: Paul Russell

References:
- Help please with FTP and Firewall
  - From: Elliott Roper
- Re: Help please with FTP and Firewall
  - From: Ian McCall
- Re: Help please with FTP and Firewall
  - From: Elliott Roper
- Re: Help please with FTP and Firewall
  - From: Paul Russell

Prev by Date: Re: Powerbook Apple logo
Next by Date: Re: Powerbook Apple logo
Previous by thread: Re: Help please with FTP and Firewall
Next by thread: Re: Help please with FTP and Firewall
Index(es):
- Date
- Thread

Relevant Pages

Re: Strange WAN Activity
... > firewall logs for a possible TCP FIN scan that keeps ... > company's intranet server IP and its port 80 across our ... > My firewall is a Sonicwall Pro 200 and I'm running W2K ... It's difficult to be sure without inspecting the web server for signs of ...
(microsoft.public.win2000.security)
Re: How do I block just one port from being listened to on my server
... Well I looked through ALL my logs; ... Well I'll be testing that Firewall out that you gave the link to. ... I just don't want it blocking everything by ... Blocking one port isn't the answer. ...
(microsoft.public.security)
Re: Identifying Internet Attacks
... contain the hacker to a particular machine, leave the machine on the network ... Some firewall software such as ... open ports; however, this will not identify which program is using the port. ... firewall logs, the IIS web and ftp server logs and Windows security event ...
(microsoft.public.inetserver.iis.security)
Re: false portscan alarm
... What is the reason of that treffic? ... and the browser and/or the "personal firewall" had decided to close those ... which each have a local source port above 1024 opened outgoing to port 80 ... I've had a dig through my own PIX logs, and while there is nothing for today ...
(comp.security.firewalls)
Re: Firewall and Home Network
... >>> that PC should have a firewall installed. ... to access the internet and on what port using what protocol. ... You can periodically review the logs and look for strange ...
(comp.security.firewalls)