Search

	display results
words begin exact words any words part

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [FW1] ftp server using random high ports

To: <[email protected]>, <[email protected]>, <[email protected]>, <[email protected]>
Subject: Re: [FW1] ftp server using random high ports
From: "Ivan Fox" <[email protected]>
Date: Sat, 23 Dec 2000 21:53:56 -0500
References: <2B24AF280CCCD211A60300A0C9F2C99C1AE378@mandalore.capitalfactors.com>
Sender: [email protected]

We have enabled PASV in the properties of FW-1.  The client is NcFTP.  The
number of files it downloads is inconsistent.  Sometime, it could download
100 files, then it is "disconnected" from the IIS 4.0's ftp server.
sometime, it could download 6,000.  It never downloaded 10,000 1K files in
the directory!

Any pointers are appreciated.

Regard,

----- Original Message -----
From: <[email protected]>
To: <[email protected]>; <[email protected]>;
<[email protected]>; <[email protected]>
Sent: Tuesday, December 19, 2000 10:01 PM
Subject: RE: [FW1] ftp server using random high ports


> Read up on PASV FTP and PORT FTP.  Enable those in your rulebase
properties
> and you shouldn't have that problem.  I usually only enable PORT.  Also
> check to see how your FTP client requests that information.  Usually you
> will see it say something like DATA TRANSFER [PORT OR PASV] when you ls or
> download a file.
>
> Cheers,
>
> Jamie
>
> -----Original Message-----
> From: Ivan Fox [mailto:[email protected]]
> Sent: Tuesday, December 19, 2000 9:07 PM
> To: fw-wiz; Fw1-Wizards (E-mail); fw-1-mailinglist (e-mail)
> Subject: [FW1] ftp server using random high ports
>
>
>
> some users need to access an external ftp server.  they can access to the
> server using regular port 20, 21.  However, when they try to "ls" or
"dir",
> nothing comes up.  Firewall-1 log shows that the ftp server coming back
> using random high ports!
>
> Is it typical/common for ftp's returning traffic using random high ports
> instead of port 21?
> Is there any implication to allow the ftp server coming back through
random
> high ports?
>
> Any comments/input are appreciated.
>
> Ivan
>
>
>
>
============================================================================
> ====
>      To unsubscribe from this mailing list, please see the instructions at
>                http://www.checkpoint.com/services/mailing.html
>
============================================================================
> ====
>
>
>
> The information transmitted by the following E-Mail is intended only for
the addressee and may contain confidential and/or privileged material. Any
interception, review, retransmission, dissemination, or other use, or taking
any action upon this information by persons or entities other than the
intended recipient is prohibited by law and may subject them to criminal or
civil liability. If you received this communication in error, please contact
us immediately atext. 3600 and delete the communication from
any computer or network system.
>
>
>


================================================================================
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
================================================================================

References:
- RE: [FW1] ftp server using random high ports
  - From: [email protected]

Prev by Date: [FW1] RE:
Next by Date: [FW1] Re: ftp server using random high ports and checkpoint
Previous by thread: RE: [FW1] ftp server using random high ports
Next by thread: [FW1] FW1 and Flood Gate installation on Sun Solaris 2.7
Index(es):
- Date
- Thread