Re: HELP! We need passive FTP to work

Subject: Re: HELP! We need passive FTP to work
From: Josh Hoover (beats@azstarnet.com)
Date: Sun Oct 08 2000 - 13:02:24 MDT

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
• Next message: andu: "Re: HELP! We need passive FTP to"
• Previous message: andu: "Re: HELP! We need passive FTP to"
• In reply to: rgp systems: "HELP! We need passive FTP to work"
• Reply: Josh Hoover: "Re: HELP! We need passive FTP to work"

There are a couple of options:

1. What kind of ftp server are you using? Most likely you can limit the
ports that passive ftp server allows, so you don't have to open everything
above 1023 (which is your other option).

2. Open everything above 1023 for returning traffic. You'll just have to
setup some dataflows for services you might want to block that will be
running above 1023 for your internal network. This is a security hole but
if it's your only option it till protects you for the privledged ports.

2. Use SCP or SSH. http://www.vandyke.com/ makes a product called
SecureFX very easy to install and use client SCP product (simular to using
file explorer). This is the obvious best choice because it's a lot more
secure since that seems to be what you're going for with the firewall
router.

For gawds sake whatever you do don't allow SMB to the outside, you might
as well just take your firewall out if you do that.

good luck,

joshua hoover

• Next message: andu: "Re: HELP! We need passive FTP to"
• Previous message: andu: "Re: HELP! We need passive FTP to"
• In reply to: rgp systems: "HELP! We need passive FTP to work"
• Reply: Josh Hoover: "Re: HELP! We need passive FTP to work"

This archive was generated by hypermail 2a24 : Sun Oct 08 2000 - 13:09:11 MDT